Articles about Anti Virus

GOP delegates suckered into connecting to insecure Wi-Fi hotspots

A Wi-Fi hack experiment conducted at various locations at or near the Republican National Convention site in Cleveland, US, underlines how risky it can be to connect to public Wi-Fi without protection from a VPN. The exercise, carried out by security researchers at Avast, an anti-virus firm, revealed that more than 1,000 …
John Leyden, 21 Jul 2016

Asian nations mull regional 'Europol' in fight against cybercrime

RSA APAC A closed-door meeting of cabinet ministers from more than a dozen countries met yesterday to mull the creation of a Europol-style organisation to crack down on cyber crime in the region and abroad, The Register has learned. The Asian organisation is conceptual only, but has support from countries including China, Malaysia, …
Darren Pauli, 21 Jul 2016

Flaws found in security products from AVG, Symantec and McAfee

Updated Hundreds of security products may not be up to the job, researchers say, thanks to flawed uses of code hooking. The research is the handiwork of EnSilo duo Udi Yavo and Tommer Bitton, who disclosed the bugs in anti-virus and Windows security tools ahead of their presentation at the Black Hat Las Vegas conference next month. …
Darren Pauli, 20 Jul 2016

Symantec, Intel carve out diminishing slice of growing security market

Worldwide security software revenues rose 3.7 per cent to reach $22.1bn in 2015, according to analyst Gartner. Security information and event management (SIEM) remained the fastest-growing sub segment of the cybersecurity biz last year, experiencing 15.8 per cent growth. By contrast, consumer security software recorded a 5.9 …
John Leyden, 14 Jul 2016

Avast woos AVG shareholders with $1.3bn buyout offer

Avast is offering to buy anti-virus rival AVG for $1.3bn. AVG shareholders are being offered $25.00 per share in cash, a 33 per cent mark-up on the closing share price on Wednesday. AVG, Avast and rival Avira are the three main players in the market for freebie anti-virus scanners for Windows. All make their money by offering …
John Leyden, 07 Jul 2016

Zero-interaction remote wormable hijack hole blasts Symantec kit

Scores (or thousands, or millions) of enterprise and home Symantec users are open to remote compromise through multiple now-patched (where possible) wormable remote code execution holes described by Google as 'as bad as it gets'. The flaws are "100 percent" reliable against Symantec's Norton Antivirus and Endpoint according to …
Darren Pauli, 29 Jun 2016

Lenovo Solution Center portal patched to shutter hacker god mode hole

Lenovo has patched a dangerous hole in its rebuilt Solution Center that could allow attackers to gain god mode access on hacked machines and to kill running processes including anti-virus. The pre-installed OEM software helps users update Lenovo tools and manage features like firewalls. Attackers with existing but …
Darren Pauli, 27 Jun 2016

Sirin Labs' Solarin isn't for pro-privacy bankers. It's for rich execs who want bling

El Reg got hands-on with the Solarin $14,000 ultra-high-end Android smartphone during a trip to Tel Aviv this week. As previously reported, the Solarin handset is an Android-based smartphone pitched at privacy-conscious executives and the ultra-wealthy. The smartphone comes with a 24 megapixel camera and integrated 3D audio …
John Leyden, 20 Jun 2016

Man-in-the-middle biz Blue Coat bought by Symantec: Infosec bods are worried

Analysis Symantec’s deal to buy Blue Coat, the controversial web filtering firm, for $4.65bn will bolster its enterprise security business. But some security experts are concerned about the potential for conflict of interest created by housing Symantec’s digital certificate business and Blue Coat’s man-in-the-middle SSL inspection …
John Leyden, 14 Jun 2016

Tech support locker scam poses as failed Microsoft Update

Cybercrooks have put together a new scam that falls halfway between ransomware and old school browser lockup ruses. The new class of “tech support lockers” relies on tricking users into installing either a fake PC optimiser or bogus Adobe Flash update. Once loaded the malware mimics ransomware and locks users out of their …
John Leyden, 20 May 2016

Phishing scam targets ... actual fishermen in eastern Ukraine

Security firm ESET has uncovered a long running cyber-espionage campaign in Ukraine, and seemingly targeted at separatists. Operation Groundbait is a targeted attack most likely run from within Ukraine by as yet unidentified politically motivated hackers. The region is a hotspot for malware-based spying campaigns thanks largely …
John Leyden, 18 May 2016

Malware scan stalled misconfigured med software, mid-procedure

A user or reseller who couldn't be bothered configuring their antivirus properly has hit the headlines for interrupting doctors trying to insert a vascular catheter into a patient. As the FDA's Adverse Event Report says, an hourly malware scan stalled a Merge Healthcare Hemo unit, which collects patient vital signs, displays …

Suck on this: White hats replace Locky malware payload with dummy

Pranksters have infiltrated the control system behind the infamous Locky ransomware and replaced the malware’s main payload with a dummy file. Locky normally spreads using malicious and disguised JavaScript inside email attachments supposedly containing an invoice or similar. Malicious messages are sent to prospective marks in …
John Leyden, 05 May 2016

TLS proxies: insecure by design say boffins

Have you ever suspected filters that decrypt traffic of being insecure? Canadian boffins agree with you, saying TLS proxies – commonly deployed in both business and home networks for traffic inspection – open up cans of worms. In their tests, “not a single TLS proxy implementation is secure with respect to all of our tests, …

Half of people plug in USB drives they find in the parking lot

A new study has found that almost half the people who pick up a USB stick they happen across in a parking lot plug said drives into their PCs. Researchers from Google, the University of Illinois Urbana-Champaign, and the University of Michigan, spread 297 USB drives around the Urbana-Champaign campus. They found that 48 …
Shaun Nichols, 11 Apr 2016

Baddies' brilliant plan to get mobile malware whitelisted: Bribery

Criminals have resorted to bribes in order to smuggle malware into the source code of mobile gaming apps. The scam, in which malware authors bribed the employees of a legitimate mobile games company in China to embed malware into mobile apps, was uncovered by security researchers from Check Point. The bribe ensured that …
John Leyden, 11 Apr 2016

Patch out for 'ridiculous' Trend Micro command execution vuln

A bug in its software meant that Trend Micro accidentally left a remote debugging server running on customer machines. The flaw, discovered by Google’s Project Zero researcher Tavis Ormandy, opened the door to command execution of vulnerable systems (running either Trend Micro Maximum Security, Trend Micro Premium Security or …
John Leyden, 31 Mar 2016

We wrap our claws around latest pre-Build Windows 10 preview

Microsoft is releasing preview versions of Windows 10 at a rapid rate, perhaps in preparation for its Build developer conference later this week in San Francisco. Build 14295, released late last week, followed just 8 days after Build 14291, which introduced Extensions for the Edge browser as well as an updated Maps app. There …
Tim Anderson, 29 Mar 2016

PC World's cloudy backup failed when exposed to ransomware

The shortcomings of consumer-grade backup services in protecting against the scourge of ransomware have been exposed by the experiences of a UK businesswoman. Amy W, who runs a small business in the Newbury, Berkshire area, was convinced that the KnowHow cloud was the only backup technology she'd ever need when she bought a …
John Leyden, 22 Mar 2016

The bill for Home Depot after its sales registers were hacked: $19.5m

Home Depot will pay at least $19.5m in compensation to the 50 million customers hit by hackers who infiltrated the chain's sales tills in 2014. The US home improvement warehouse will create a $13m fund to reimburse shoppers and spend a further $6.5m providing a year's worth of identity protection for those impacted. Those are …
Kieren McCarthy, 17 Mar 2016

Like masochism? Run a PC? These VXers want to help you pwn yourself

Masochistic Windows users have been given a helping hand from hackers, in the form of step-by-step instructions on how to get their PCs infected with malware. A recent malware-slinging banking trojan campaign targeting Germany last week comes with explicit instructions for the recipients describing how to get their computers …
John Leyden, 14 Mar 2016

'You've been hacked, pay up' ... Ransomware forces your PC to read out a hostage note

Ransomware miscreants have developed a strain of malware that lets victims know that their computer has been encrypted verbally. The Cerber ransomware encrypts users' files using AES encryption before demanding an extortionate payment of 1.24 Bitcoins ($500) in order to supply a private key needed to decrypt files. The …
John Leyden, 07 Mar 2016

McAfee gaffe a quick AV kill for enterprising staff

Intel Security has fixed a flaw that made it possible to shut down its McAfee Enterprise virus engine, thereby allowing the installation of malware and pirated software. The hotfix addresses an issue that Agazzini Maurizio, senior security advisor at Rome-based consultancy Mediaservice, first warned about 15 months ago. McAfee …
Darren Pauli, 07 Mar 2016

Borked ESET antivirus update says entire web is too risky to browse

Surfers who rely on ESET anti-virus are having a hard time surfing the web following a misfiring anti-virus update, pushed out on Monday morning. The update is stopping people who apply it from browsing most of the internet, including ESET’s own site. Sites such as Amazon, MSN and more are falsely being labelled as …
John Leyden, 29 Feb 2016

Comodo's 'security' kit installed a lame VNC server on PCs on the sly

Google's Project Zero has found yet another blunder in Comodo's internet "security" software – a VNC server enabled by default with a predictable password. Earlier this month, Googler Tavis Ormandy pointed out that Comodo's custom web browser, dubbed Chromodo, was about as unsafe as a lace condom thanks to terrible security …
Iain Thomson, 18 Feb 2016

Google ninjas go public with security holes in Malwarebytes antivirus

Malwarebytes is rushing to plug security flaws in its software that allow miscreants to sling malware at its customers. The antivirus firm says it has addressed server-side vulnerabilities that were reported by Google Project Zero researcher Tavis Ormandy in November. However, security holes remain in the client-side software …
John Leyden, 02 Feb 2016

Angler exploit kit now hooking execs with Xmas Flash hole

The Angler exploit kit is again sailing the cyber seas and pillaging with impunity, adding one of the more recent machine-hijacking Flash holes to its arsenal. The integration of Adobe Flash vulnerability (CVE-2015-8651) patched last month solidifies Angler's position as the most popular and effective exploit kit on …
Darren Pauli, 28 Jan 2016

Brazilian whacks: as economy tanks, cyber-crooks samba

Brazil's economy may be hurtling towards recession but its online criminal underground is booming with wannabe hackers and carders racing to get a cut, research finds. Trend Micro's work is the latest in a series of papers it has published in recent months that examine regional online crime economies including North America, …
Darren Pauli, 13 Jan 2016

Predictable: How AV flaw hit Microsoft's Windows defences

Could it be that time spent by Microsoft on software security counts for naught? Possibly - based on the findings of an investigation by enSilo that found some of the best-known AV names are susceptible to new vulnerabilities. The results are alarming, suggesting an entire ecosystem unwittingly opening a back door into …
John Leyden, 11 Dec 2015

Hackers add exploit kit to article asking 'Is cyber crime out of control?'

Hackers have hosed an article published by The Guardian using the world's nastiest exploit kit Angler to pop the machines of exposed readers. The attack firmly answers the article's headline positing the question 'is cybercrime out of control', based on arguments in a book by one Misha Glenny. Angler is the most capable and …
Darren Pauli, 11 Dec 2015

Kaspersky, McAfee, and AVG all vulnerable to major flaw

Some of the biggest names in the security software business have been compromised by a serious flaw that could allow a hacker to use the commercial security code to infiltrate computers. In March, researchers at security firm enSilo found a serious flaw in popular free antivirus engine AVG Internet Security 2015. They found …
Iain Thomson, 10 Dec 2015

GCHQ v Privacy International: Computer hacking tribunal showdown begins

GCHQ is being challenged over its offensive hacking practices at a hearing that started on Tuesday morning. The challenge is being heard by the Investigatory Powers Tribunal, which is the only judicial body in the country with the authority to hear complaints about the intelligence agencies. Two complaints were filed last year …

Malvertising: How the ad model makes crime pay

Feature The exploitation of online advertising networks by malware-flingers is expected to cause up to $1bn in damages by the end of this year, but despite ongoing regulatory efforts, it is not clear to whom the liability for these enormous losses will fall. The increasing sophistication with which online advertisers profile users …

How cyber insurance actually works

A couple of weeks ago El Reg carried an article by Mark Pesce about the likely evolution of Cyber Insurance. Reg reader and insurance industry veteran Tom Whipp agreed with most of his sentiments, but wasn’t so keen on his conclusions and demanded his stint on the Reg soapbox. So, take it away Tom. I’ve worked in security and …
Tom Whipp, 23 Nov 2015

Criminals are mostly hacking-by-numbers with exploit kits

Exploit kits are dominating the criminal hacking industry, but even though code fiends prefer colour-by-numbers cracking kits, that isn't stopping them from assembling a vast command and control army: domain name servers linked to popular kits are up 75 percent in the third quarter compared to 2014, according to a report. It …
Darren Pauli, 19 Nov 2015

3ROS exploit wins plaudits for the prettiest Mal-GUI ever

The 3ROS exploit kit is one of the most user-friendly malware tools to have emerged and will likely spawn variants, malware men say. Exploit kits are the preferred method of infecting large numbers of web users. The malware often packs a series of known and zero day exploits against major browsers and software like Firefox and …
Darren Pauli, 16 Nov 2015

GCHQ director blasts free market, says UK must be 'sovereign cryptographic nation'

IA15 Speaking this morning to CESG's Information Assurance conference, Robert Hannigan, director of GCHQ, declared that Britain was a "sovereign cryptographic nation" and reproached the free market's ability to provide adequate cybersecurity. The claim was delivered to a cybersecurity shindig attended by government employees and …

Read the Economist last weekend? You may have fetched more than just articles (yup, malware)

Third bathroom reading material The Economist served malware from its website via the compromised PageFair network. The biz mag today alerted readers that it put their PCs at risk last weekend. "If you visited economist.com at any time between Oct. 31, 23:52 GMT and 01:15 GMT, Nov. 1, using Windows OS and you do not have …
Shaun Nichols, 06 Nov 2015

Insurance companies must start buying security companies

The Insurance industry encompasses a very odd paradox: it wouldn’t exist without risk, yet does everything in its power to remove any risks for its policy-holders. Insurers only make money if they don’t pay out, and they won’t pay out if they can keep you from doing any of the things they’ve identified as risky. We’re already …
Mark Pesce, 29 Oct 2015

Lancashire Police warn of malware email impersonation scam

Lancashire Police are warning ordinary folk not to open phishing email purporting to be from the plod. Users have apparently been targeted in a "widespread" scam seeking to obtain personal information through a malware attachment. "If you have opened an email or attachment from us and are now experiencing problems with your …
Kat Hall, 22 Oct 2015

Microsoft now awfully pushy with Windows 10 on Win 7, 8 PCs – Reg readers hit back

Updated Have you noticed Microsoft being a little too eager in pushing its Windows 10 upgrade lately? You're not alone. The Reg news tip inbox has been awash the past few days with readers reporting that the newest version of Windows has been forcing itself onto computers amid other operating system updates, and sometimes even …
Shaun Nichols, 15 Oct 2015

AVG defends plans to flog user data as privacy row continues

Security software firm AVG has defended changes in its privacy policy, due to come into effect on Thursday (15 October), allowing it to collect and resell users’ anonymised web browsing and search history. AVG argues that it has no immediate plans to monetise users’ browsing habits. However, independent security experts remain …
John Leyden, 14 Oct 2015

By the numbers: The virtualisation options for private cloud hopefuls

VMware, Hyper-V ... XenServer? When it comes to virtualisation, these are the three most frequently cited options. And this would have been OK in the days before cloud, when virtualisation was “just” something the boys and girls down in the sysadmin branch of the IT department cared about. Now we do have cloud, and private …
Tom Baines, 05 Oct 2015

Vigilante VXer FIXES SOHOpeless routers

Threat boffin Mario Ballano says VXers have broken into a host of routers creating a botnet dedicated solely to securing and hardening the devices. The Symantec security man says the botnet first detected in November last year has not launched a single denial of service attack or undergone any form of black hat activity in the …
Darren Pauli, 02 Oct 2015

Rusky antivirus company FIRE BOMBED for research blogs

Russian ATM VXers have firebombed the research lab of an anti-virus firm after its researchers refused to retract reverse engineering analysis of their malware. The attack followed email threats by the group calling itself the 'Syndicate' to the Moscow company which sold the Shield antivirus product that prevented the gang's …
Darren Pauli, 30 Sep 2015

AVG to flog your web browsing, search history from mid-October

Changes in the privacy policy of AVG's free antivirus doodad will allow it to collect your web browsing and search history – and sell it to advertisers to bankroll its freemium security software products. The changes will come into play on 15 October, according to the Czech-based biz in a blog post. The revised privacy policy …
John Leyden, 21 Sep 2015

'I may be winning this ad-blocker game, but I hate it. I'm outta here (with $100k). Buh-bye'

QuoTW We do hope you've enjoyed this week of botched Apple updates, unlikely Linux lovers and surprise birthday gifts. Here are our favourite quotes. Bitcoin backers have had a long and contentious relationship with sovereign states, and this week they got some unwanted recognition from the US. The Commodity Futures Trading …
Team Register, 20 Sep 2015

The last post: Building your own mail server, part 2

Feature Last week, I explained the reasoning behind setting up your own mailserver, and the choice of software that I'll be using for it. This week, it's time to get hands on and show you how to do it. One word of advice, though: this is my configuration, and there are lots of options for tweaking, not to mention different ways to do it …
Nigel Whitfield, 19 Sep 2015

'I promise you I will win', says completely sane presidential candidate John McAfee

QuoTW This week new iStuffs were showcased, a scary luggage hack popped up and a gaming icon turned 30. Now for some of the best quotes from the past seven days. America's favourite gun-toting anti-virus tycoon John McAfee has thrown his hat in to the 2016 presidential race. McAfee has made himself the official cyber party …
Team Register, 13 Sep 2015

TorrentLocker scum have better email lists than legit devs, telcos

Spammers deploying the TorrentLocker ransomware are so good at targeting victims that their poison emails hit the mark more frequently than those sent by legitimate software companies and professional marketers. Trend Micro's just analysed the malware in a report titled TorrentLocker Landscape: Targeting Even More Victims in …
Darren Pauli, 09 Sep 2015