HackDig : Dig high-quality web security articles

Myth-busting Antivirus Software Assumptions

The number of new viruses grows every day. In fact, McAfee recently registered a 605% increase in total Q2 COVID-19 themed threat detections, contributing to the millions already in existence. While there is no way to know when or how cyberattacks will occur, it’s clear that antivirus software is one of the best ways to ens
Publish At:2021-03-29 21:15 | Read:224 | Comments:0 | Tags:Consumer Threat Notices antivirus anti-virus software Virus

Virus.Win32.Sality.gen / Insecure Permissions

Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/423a5a63bed721e479c156b309bb58fd.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Virus.Win32.Sality.gen Vulnerability: Insecure Permissions Description: Sality.gen creates a dir named "z_Drivers" under c: drive and grants change (C) perm
Publish At:2021-03-25 05:34 | Read:283 | Comments:0 | Tags: Virus

Microsoft Defender Antivirus Now Protects Users Against Ongoing Exchange Attacks

Microsoft informed customers on Thursday that Defender Antivirus and System Center Endpoint Protection now provide automatic protection against attacks exploiting the recently disclosed Exchange Server vulnerabilities. Microsoft has released patches, detailed guidance, and a one-click mitigation tool to ensure that Exchange Server users are protected against
Publish At:2021-03-19 11:41 | Read:230 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Ri

[SANS ISC] Spotting the Red Team on VirusTotal!

I published the following diary on isc.sans.edu: “Spotting the Red Team on VirusTotal!”: Many security researchers like to use the VirusTotal platform. The provided services are amazing: You can immediately have a clear overview of the dangerousness level of a file but… VirusTotal remains a cloud service. It means that, once you uploaded
Publish At:2021-03-06 10:55 | Read:309 | Comments:0 | Tags:Malware SANS Internet Storm Center Security Blueteam Macro R

Working Windows and Linux Spectre exploits found on VirusTotal

Working exploits targeting Linux and Windows systems not patched against a three-year-old vulnerability dubbed Spectre were found by security researcher Julien Voisin on VirusTotal. The vulnerability was unveiled as a hardware bug in January 2018 by Google Project Zero researchers. If successfully exploited on vulnerable systems, it can be used by attackers to
Publish At:2021-03-01 20:13 | Read:295 | Comments:0 | Tags:Security Linux Microsoft Virus exploit

The massive coronavirus pandemic IT blunder with a funny side

by Paul Ducklin. Journalist Liam Thorp, who writes for the Liverpool Echo in England, recently published an amusing story that he subtitled, “Hilarious mix-up may have highlighted a potential issue with the vaccine roll-out.” As you can imagine, medical mix-ups rarely end well, especially when they involve calculations that determine drug doses. But,
Publish At:2021-02-19 14:55 | Read:346 | Comments:0 | Tags:Security leadership coronavirus precision units Virus

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware

In the last few years, many banking trojans developed by Latin American criminals have increased in volume and sophistication. Although there is strong adoption of technologies with the goal of protecting the final user such as plugins, tokens, e-tokens, two-fa
Publish At:2021-02-17 03:42 | Read:544 | Comments:0 | Tags:Breaking News Cyber Crime Malware Hacking hacking news infor

TrickBot's BazarBackdoor malware is now coded in Nim to evade antivirus

TrickBot's stealthy BazarBackdoor malware has been rewritten in the Nim programming language, likely to evade detection by security software. The TrickBot cybercrime gang has been increasingly distributing their newer and stealthier BazarBackdoor malware through spam campaigns. Once a computer becomes infected, BazarBackdoor is used to provide the threat
Publish At:2021-02-11 11:31 | Read:355 | Comments:0 | Tags:Security Virus

Antivirus Firm Emsisoft Discloses Data Breach

Antivirus solutions provider Emsisoft revealed last week that a third party had accessed a publicly exposed database containing technical logs. The issue, Emsisoft said, was a misconfiguration that resulted in a database from a test system becoming exposed to the Internet. The database was initially exposed on January 18, 2021, and remained so until the data
Publish At:2021-02-10 02:41 | Read:409 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Data Protection Cyberc

ERNW Whitepaper 71 – Analysis of Anti-Virus Software Quarantine Files

I am glad to announce the release of the ERNW whitepaper 71 containing information about quarantine file formats of different AV software vendors. It is available here. Anti-Virus Software I took quarantine files from real-life incidents and created some in a lab environment. Afterwards I tried to identify metadata, like timestamps, path names, malware names
Publish At:2021-01-27 12:58 | Read:391 | Comments:0 | Tags:Misc ERNW white paper forensics malware Virus

ProtonVPN causes Windows BSOD crashes due to antivirus conflicts

ProtonVPN is working on fixing a bug causing Windows blue screen crashes affecting customers using the latest versions of the company's Windows client software. The BSOD crashes don't affect all users and are caused by conflicts with unnamed antivirus software solutions. "We have received reports that in particular circumstances the latest versions of
Publish At:2021-01-25 17:49 | Read:456 | Comments:0 | Tags:Software Virus

Microsoft patches Defender antivirus zero-day exploited in the wild

Microsoft has addressed a zero-day vulnerability in the Microsoft Defender antivirus, exploited in the wild by threat actors before the patch was released. Zero-days are vulnerabilities actively exploited in the wild before the vendor issues an official patch or bugs that have publicly available proof-of-concept exploits. The zero-day patched today b
Publish At:2021-01-12 17:49 | Read:426 | Comments:0 | Tags:Security Microsoft Virus exploit

Google Chrome fixes antivirus 'file locking' bug on Windows 10

Google Chrome has fixed a bug that enabled antivirus programs on Windows 10 to lock newly created files. The patching of the bug means antivirus programs running on Windows would no longer block new files generated by the Chrome web browser, such as bookmarks. Antivirus programs briefly lock new files. As a safety precaution, oftentimes antivirus
Publish At:2021-01-03 15:25 | Read:1054 | Comments:0 | Tags:Security Google Microsoft Virus

Vendors Respond to Method for Disabling Their Antivirus Products via Safe Mode

Microsoft and several major cybersecurity companies have responded to a researcher’s disclosure of a method for remotely disabling their antivirus products by leveraging the Windows safe mode. Researcher Roberto Franceschetti last week published an advisory, a blog post, a video and proof-of-concept (PoC) exploits demonstrating a method that could be used by
Publish At:2020-12-15 13:29 | Read:427 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Risk Management Vulner

Vaccine Documents Hacked as West Grapples With Virus Surge

Documents related to the Pfizer coronavirus vaccine were illegally accessed during a cyberattack at the EU regulator, the company said Wednesday, as Germany and other northern hemisphere countries grappled with a winter surge in the pandemic. The Amsterdam-based European Medicines Agency (EMA) reported the cyberattack as European countries eagerly await a vac
Publish At:2020-12-10 08:41 | Read:538 | Comments:0 | Tags:NEWS & INDUSTRY Cybercrime Virus hack