Security Affairs

FEBRUARY 16, 2021

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware. After that, the following files are extracted, namely: Avira.exe : Legitimate injector from Avira Antivirus. In the last few years, many banking trojans developed by Latin American criminals have increased in volume and sophistication.

Antivirus 133

Antivirus Malware Banking Internet 133

Security Affairs

MAY 5, 2022

Researcher discovered a couple of high-severity security flaws that affect a driver used by Avast and AVG antivirus solutions. SentinelOne researcher Kasif Dekel discovered two high-severity security vulnerabilities, tracked as CVE-2022-26522 and CVE-2022-26523, that affect a driver used by Avast and AVG antivirus solutions.

Antivirus 98

Antivirus Hacking Software Cybersecurity 98

Security Affairs

SEPTEMBER 19, 2024

Russian anti-virus firm Doctor Web (Dr.Web) disconnected all servers following a cyberattack over the weekend. This week, the Russian anti-malware firm Doctor Web (Dr.Web) announced that it had disconnected all servers following a cyberattack on Saturday, September 14.

Antivirus 136

Antivirus Malware Hacking Information Security 136

Security Affairs

AUGUST 27, 2022

Threat actors abused a vulnerable anti-cheat driver for the Genshin Impact video game to disable antivirus software. sys, for the Genshin Impact video game to disable antivirus software. The driver is currently being abused by a ransomware actor to kill antivirus processes and services for mass-deploying ransomware.”

Antivirus 98

Antivirus Ransomware Malware Cybercrime 98

Security Affairs

FEBRUARY 17, 2023

Cisco addressed a critical vulnerability in the ClamAV open source antivirus engine that can lead to remote code execution on vulnerable devices. Cisco fixed a critical flaw, tracked as CVE-2023-20032 (CVSS score: 9.8), in the ClamAV open source antivirus engine.

Antivirus 98

Antivirus Engineering Malware Hacking 98

Security Affairs

APRIL 2, 2025

.” To protect against malware, experts recommend buying smartphones from authorized distributors and installing security solutions like Kaspersky for Android immediately. In March 2018, security researchers at Antivirus firmDr.Web discovered that 42 models of low-cost Android smartphones were shipped with the Android.Triada.231

Malware 120

Malware Cryptocurrency Mobile Firmware 120

Security Affairs

JANUARY 10, 2025

A version discovered by Check Point in September relied on Apple’s XProtect encryption algorithm for obfuscation, allowing it to evade antivirus detection until its source code leak in November. The malicious code was advertised on cybercrime forums for $3,000 per month.

Malware 120

Malware Advertising Antivirus Cybercrime 120

Security Affairs

FEBRUARY 13, 2025

Users that played the game have received the following email: pic.twitter.com/B98BFs0WbK — SteamDB (@SteamDB) February 12, 2025 The game PirateFi was released as beta, but multiple antivirus flagged it as “Trojan.Win32.Lazzzy.gen.” Lazzzy.gen.” SteamDB estimates that over 800 users may have downloaded the game.

Malware 109

Malware Antivirus Accountability Software 109

Security Affairs

MARCH 31, 2025

The PowerShell code avoids antivirus detection by using Get-Command to execute the payload. The malicious LNK files, created on two machines, contain PowerShell code to download the next stage payload and a decoy file to disguise the infection.

Phishing 112

Phishing Antivirus Encryption Hacking 112

Security Affairs

NOVEMBER 6, 2024

” The hospital identified the ransomware attack early Saturday after antivirus software installed on the employees’ PCs flagged potential risks. While we believe this issue will not impact either the level or the quality of care we provide to our patients, we want to be fully transparent regarding this situation.”

Ransomware 125

Ransomware Healthcare Antivirus Data breaches 125

Security Affairs

FEBRUARY 4, 2025

It gathers system details, including antivirus information, encodes the data, and sends it to a remote server. .” The decrypted MSIL file maintains persistence by modifying the Windows registry to execute a PowerShell command that downloads the Coyote Banking Trojan.

Banking 117

Banking Malware Antivirus Cyber threats 117

Security Affairs

MARCH 11, 2020

Antivirus maker Avast has disabled a core component of its antivirus to address a severe vulnerability that would have allowed attackers to control users’ PC. Ormandy pointed out that the main Avast antivirus process, AvastSvc.exe, which, runs as SYSTEM.

Engineering 144

Engineering Antivirus Advertising Hacking 144

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure. How to protect yourself and your data Smart ways to secure your devices Strong passwords – Make them long, random, and unique.

Consumer Protection 88

Consumer Protection Identity Theft Scams Social Engineering 88

Security Boulevard

MARCH 25, 2021

In the last decade the role of the chief information security officer (CISO) has evolved considerably. Not long ago, the CISO was considered a part of the IT team and their main focus was on building firewalls, implementing antivirus and keeping spam emails at bay. Today, however, things are very different. The huge surge in.

CISO 128

CISO Antivirus Firewall Information Security 128

Security Affairs

NOVEMBER 22, 2020

“Two Romanian suspects have been arrested yesterday for allegedly running the CyberSeal and Dataprotector crypting services to evade antivirus software detection.” The pair also operated the Cyberscan service which allowed their clients to test their malware against antivirus tools. ” continues the press release.

Malware 142

Malware Antivirus Cybercrime Software 142

Security Affairs

DECEMBER 17, 2024

Recommendations include timely patching, using strong and unique passwords, enabling multi-factor authentication, implementing security tools to detect abnormal activity, auditing accounts, scanning for open ports, segmenting networks, updating antivirus software, and creating offline backups.

Architecture 107

Architecture Internet Internet Malware 107

Security Affairs

MARCH 21, 2021

Microsoft announced that its Defender Antivirus and System Center Endpoint Protection now protects users against attacks exploiting Exchange Server vulnerabilities. “Today, we have taken an additional step to further support our customers who are still vulnerable and have not yet implemented the complete security update. .

Antivirus 140

Antivirus Small Business Security Intelligence Hacking 140

Security Affairs

JUNE 27, 2021

“While the Windows system is in safe mode antivirus software doesn’t work. The researchers started investigating the threat after they became aware that the malware was disabling and uninstalling its antivirus from infected devices. “It also uses WQL to query all antivirus software installed SELECT * FROM AntiVirusProduct.”

Antivirus 143

Antivirus Cryptocurrency Malware Software 143

Security Affairs

FEBRUARY 18, 2024

Below is the list of impacted programs and versions: ESET NOD32 Antivirus, Internet Security, Smart Security Premium, Security Ultimate 16.2.15.0 and earlier ESET Endpoint Antivirus for Windows and Endpoint Security for Windows 10.1.2058.0, 10.0.10017.0, 10.0.10017.0,

Antivirus 144

Antivirus Internet Internet Cybersecurity 144

Security Affairs

FEBRUARY 28, 2025

In August 2024, several users reported that Dr.Web antivirus detected changes in their TV box system files. Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware.

Antivirus 64

Antivirus Firmware Encryption Manufacturing 64

Security Affairs

NOVEMBER 5, 2024

“An important question arising from this analysis is not just how to defend against threats like ToxicPanda but why contemporary antivirus solutions have struggled to detect a threat that is, in technical terms, relatively straightforward. Spain and Peru, at 3.9% and 3.4%, indicate a potential expansion into Latin America.

Banking 121

Banking Malware Accountability Authentication 121

Security Affairs

MAY 25, 2024

Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. The fake websites were masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes. exe.zip”) that was used to deploy the Lumma information stealer.

Malware 137

Malware Antivirus Cryptocurrency Hacking 137

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches 117

Data breaches Cybercrime Cyber Insurance Marketing 117

Security Affairs

MARCH 10, 2025

The discovered infected archives contained an additional executable, with a modified start script tricking victims into disabling antivirus protections. By December 2024, reports emerged of further miner-infected versions spreading via Telegram and YouTube. It fetched a second-stage payload from hardcoded domains, executing it as t.py

Cryptocurrency 91

Cryptocurrency Malware Social Engineering Antivirus 91

Security Affairs

NOVEMBER 26, 2019

Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam and AntiVirus cloud services. UDP ports 53, 8888 and TCP port 80 (HTTP POST /fgdsvc).

Encryption 140

Encryption Antivirus Advertising DNS 140

Security Affairs

JULY 26, 2021

Tests conducted by the experts demonstrated how to embed 36.9MB of malware into a 178MB-AlexNet model within 1% accuracy loss, this means that the threat is completely transparent to antivirus engines. 58 antivirus engines were involved in the detection works, and no suspicious was detected. ” states the paper.

Malware 139

Malware Antivirus Artificial Intelligence Engineering 139

Security Affairs

FEBRUARY 22, 2024

US FTC charged cyber security firm Avast with harvesting consumer web browsing data through its browser extension and antivirus and sold it. The antivirus firm is accused of selling the data to advertising companies without user consent. ” re ads the FTC’s complaint.

Advertising 136

Advertising Antivirus Data collection Software 136

The Last Watchdog

JANUARY 28, 2019

Worldwide spending on information security products and services rose to $114 billion in 2018, up from $102 billion in 2017, an increase of 12.4 Each of us have a responsibility to embrace best privacy and security practices. To be sure, it’s not as if the good guys aren’t also innovating.

Passwords 196

Passwords Password Management Internet Internet 196

Security Affairs

SEPTEMBER 23, 2024

“ESET received a report stating that on a machine with the affected ESET product installed, it was possible for a user with low privileges to plant a symlink to a specific location, preventing ESET security product from starting properly.” The flaw impacts the following products: ESET Cyber Security 7.0 – 7.4.1600.0

Antivirus 128

Antivirus Small Business Engineering Internet 128

Security Affairs

MARCH 26, 2025

It contacts a C2 server, gains persistence, and collects system information. While only one sample is currently detected by antivirus tools, many others remain undetected. it remained largely undetected until resurfacing in late 2024 with new variants written in Crystal, Nim, and Rust.

Malware 71

Malware Adware Antivirus Marketing 71

Security Affairs

MARCH 7, 2025

Upon gaining initial access to the target, Medusa hackers use remote management and monitoring (RMM) tools like SimpleHelp and AnyDesk for maintaining persistence and employ BYOVD with KillAV to disable antivirus, a tactic seen in BlackCat and RansomHub ransomware operations.

Ransomware 62

Ransomware Antivirus Healthcare Encryption 62

Security Affairs

NOVEMBER 24, 2024

Android Malware Detection Based on Behavioral-Level Features with Graph Convolutional Networks.

Malware 62

Malware Spyware Antivirus VPN 62

Security Affairs

SEPTEMBER 13, 2024

In August 2024, several users reported that Dr.Web antivirus detected changes in their TV box system files. Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware.

Malware 140

Malware Firmware Antivirus Manufacturing 140

Security Affairs

SEPTEMBER 5, 2022

Microsoft released a Windows Defender update to fix a problem that caused Defender antivirus to identify Chromium, Electron, as malware. Microsoft released a Windows Defender update to fix a problem that caused Defender antivirus software to identify the app based on the Chromium browser engine or the Electron JavaScript framework as malware.

Ransomware 98

Ransomware Antivirus Malware Software 98

Security Affairs

JULY 15, 2024

“While NetScan ran on the primary Veeam backup server, antivirus (AV) protection was disabled on the virtual machine host, both through antivirus user interfaces (UI) and through the command line.” ” reads the report published by BlackBerry.

Backups 140

Backups Ransomware Antivirus DNS 140

Security Affairs

JANUARY 14, 2022

A weakness in the Microsoft Defender antivirus can allow attackers to retrieve information to use to avoid detection. Threat actors can leverage a weakness in Microsoft Defender antivirus to determine in which folders plant malware to avoid the AV scanning.

Malware 145

Malware Antivirus Hacking Information Security 145

Security Boulevard

JANUARY 16, 2022

Norton 360, a popular antivirus product, has installed a cryptocurrency mining program on its customers’ computers, some cities in Texas have been hit with a phishing scam designed to get users to pay through fraudulent QR code stickers on public parking meters, and how Facebook is still collecting data about you even if you deactivate […].

Accountability 122

Accountability Antivirus Cryptocurrency Scams 122