Articles about Anti-Virus
VXer fighters get new stealth weapon in war of the (mal)wares
A bare-metal analysis tool developed by University of California researchers promises to help tip the battle between virus writers and black hats by cloaking malware investigation efforts.
The tool is the latest weapon in the war between the diaspora of independent and vendor malware researchers and their VXer foes. Their …
IEEE expands malware initiatives
Standards body the IEEE has launched two new anti-malware initiatives designed to help software and security vendors spot malware that's been inserted into other software, and improve the performance of malware detection by cutting down on false positives.
The organisation's Anti-Malware Support Service (AMSS) is designed to …
Leaked docs reveal power of malware-for-government product 'FinFisher'
A string of documents detailing the operations and effectiveness of the FinFisher suite of surveillance platforms appears to have been leaked.
The documents, some dated 4 April this year, detail the anti-virus detection rates of the FinFisher spyware which German based Gamma Group sold to governments and law enforcement agencies …
Attackers planting banking Trojans in industrial systems
Trend Micro researcher Kyle Wilhoit says the latest attacks on SCADA and industrial control networks are turning out to carry rather pedestrian banking Trojans, and have been on the rise since October 2014.
Talking to DarkReading, Wilhoit said rather than Stuxnet-style attacks, ne'er-do-wells are dropping banking Trojans into …
Fourth anti-virus firm buys into behavioural blocking
Web and email security firm Marshal8e6 has bought behaviour-based malware detection specialist Avinti. The terms of the deal, announced Tuesday, were undisclosed.
Marshal8e6 said the deal would allow it to offer its customers improved protection against blended threats, emails that attempt to trick recipients into visiting sites …
Panic like it's 1999: Microsoft Office macro viruses are BACK
Macro viruses involving infected Word and Excel files were a plague in the late 1990s. Yet, like grunge music, the genre fell into decline as techniques and technologies moved on. More recently macro viruses have staged something of a revival, thanks to social-engineering trickery.
Windows executable malware has dominated macro …
Top vendors flunk Vista anti-virus tests
Security vendors including CA and Symantec failed to secure Windows systems without fault in recent independent tests.
Twelve of the 35 anti-virus products put through their paces by independent security certification body Virus Bulletin failed to make the grade for one reason or another and therefore failed to achieve the VB100 …
Apple tells Mac users: Get anti-virus
For the first time, Apple is recommending the use of anti-virus tools to protect Mac systems.
Long something of a phantom menace, strains of malware capable of infecting Mac machines have gradually been increasing in prevalence over recent months. In addition, VXers are making more use of web-based attack and applications …
Looking for code work? Write fake anti-virus scripts
Updated
A scareware purveyor has brazenly advertised for recruits on a mainstream job market website.
A job ad on Freelancer.com offers work for a coder prepared to turn his hand to the creation of fake anti-virus website redirection scripts. However, prospective applicants are warned not to expect a big payday - the budget for the …
Free anti-virus scanner hits the cloud
Avira has added cloud technology to the latest version of its popular freebie anti-virus scanner.
Version 10 of Avira AntiVir, released on Tuesday, adds cloud-based detection to a free-of-charge security scanner that competes with similar products offered by (Czech-firm ALWIL's) Avast and AVG.
All three firms aim to move …
VirusTotal mess means YOU TOO can track Comment Crew!
Security researcher Brandon Dixon has used Google's VirusTotal malware analysis tool to spy on what he claims are state-sponsored Chinese and Iranian elite hacking crews.
Dixon (@9bplus) used the paid version of VirusTotal to watch as a subgroup of the Chinese hacker group Comment Crew and an unnamed Iranian mob developed, …
Pizza stores popped, sandwich stores sacked in PoS plunder
Some 324 restaurants across the United States, including 216 Jimmy John's outlets, have had payment terminals compromised by malware after a breach at vendor Signature Systems.
The massive breach occurred when an intruder stole remote log-in credentials for Signature's point of sale (PoS) kit, according to cyber-crime reporter …
The 30-year-old prank that became the first computer virus
To the author of Elk Cloner, the first computer virus to be released outside of the lab, it’s sad that, 30 years after the self-replicating code's appearance, the industry has yet to come up with a secure operating system.
When Rich Skrenta, created Elk Cloner as a prank in February 1982, he was a 15-year-old high school …
Antivirus firm Avast! takes down forums after breach
Antivirus firm Avast! has 'fessed up to a breach.
The small upside is that the mess only impacts the company's forums. As the company's CEO Vincent Steckler has blogged “Less than 0.2% of our 200 million users were affected. No payment, license, or financial systems or other data was compromised.”
Don't click away to another …
Rovnix Trojan infection outbreak infects 130,000 machines in Blighty
A new cluster of infections by the Rovnix Trojan has infected more than 130,000 Windows computers in the UK alone.
The data-stealing malware is also affecting Germany, Italy, the US and Iran to a far lesser extent - 87 per cent of the computers infected are actually in the UK, according to anti-virus firm Bitdefender.
Rovnix is …
By the way, Home Depot hackers also grabbed 53 million email addresses
Hackers made off with a whopping 53 million email addresses as part of the high profile April breach of Home Depot in which 56 million credit cards were compromised, the company says.
The haul bagged enough email addresses to contact everyone in England, but it was unknown if the information had been implicated in further …
Citrix reveals product design methodology, asks YOU to use it
Citrix has revealed the internal process it uses to define new products, and wants you to have a go at using it to suggest the next versions of XenDesktop and XenApp.
Detailed here and here, the company explains it gives its developers a hypothetical budget for features in a forthcoming product, then suggests they Spend the $100 …
MAC BOTNET uses REDDIT comments for directions
A zombie network that feasts on the computer brains of infected Macs has press-ganged 17,000 compromised machines into its ranks, Russian anti-virus firm Dr Web warns.
The iWorm creates a backdoor on machines running OS X. Miscreants are using messages posted on Reddit as a navigational aid which points infected machines towards …
iPad anti-virus shield guards against phantom threat
Mac security specialist Intego has begun offering the first antivirus scanner capable of inspecting Apple's much-hyped iPad, despite the questionable need for security scans on the device.
The iPad, which Apple began selling in the US last weekend, runs on the same operating system as the iPhone. Only jailbroken iPhones with …
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Web users have been warned to be wary of fake results messages about the Scottish Independence referendum.
The warning from UK.gov-backed Get Safe Online comes hours after the polling booths opened north in the border in a history-making vote that will determine Scotland's fate.
Unlike a political election, there will not be …
Freebie Android anti-malware scanners flunk tests
Many free-of-charge antivirus products fail to protect Android smartphone against malware effectively, leaving users with a false sense of security as a result.
Tests by antivirus testing lab AV-Test.org revealed that the best freebie Android anti-virus scanner, Zoner Antivirus, caught 32 per cent of 160 recent Android threats. …
Facebook scuttles 250k-strong crypto-currency botnet
Facebook has taken down a Greek botnet that at its peak compromised 50,000 accounts and infected 250,000 computers to mine crypto-currencies, steal email and banking details and pump out spam.
The scuttled Lecpetex botnet spread malware including the DarkComet remote access trojan by social engineering techniques and was adept …
Charge Anywhere? More like Hacked Everywhere: Mobe cash biz admits 5-year security breach
Mobile payments biz Charge Anywhere has admitted a hacker may have been snooping on its systems for FIVE years.
While probing an internal malware infection, Charge Anywhere discovered someone has been able to eavesdrop on its network traffic since November 2009.
That investigation revealed all sorts of sensitive data had been …
Hackers-for-hire raided 300 banks, corporates for TWELVE YEARS
A band of hackers for hire have raided some 300 banks, corporations and governments undetected for 12 years, possibly the longest campaign of its kind.
The German hackers registered 800 front businesses in the UK to target and fully compromise organisations in Germany, Switzerland, and Austria at the request of customers.
Elite …
Spammer sprung to run Russian national payment system
Russia has reportedly hired a man to develop its national payments system, days after the alleged mastermind of one of the country's biggest pharmacy spam networks was granted early parole.
The criminal allegations following Pavel Vrublevsky were prodigious but were largely denied or unconfirmed by the 35 year-old Moscow native …
AVG stung as search revenue from freebie scanners dries up
Security software firm AVG net income has fallen from $24.7m in Q2 2013 to $13.7mn in Q2 2014, according to financial results out Wednesday.
The profits slide is explained by the slip in revenue from $100.4m in Q2 2013 to $88m in the three months running up to 30 June 2014. AVG responded to the results by revising its outlook …
Facebook flashes its One Tool To Rule Them All in security threat analysis
Facebook has bragged about a new internal tool that combines all sorts of live data on internet security threats – such as any new malware doing the rounds and known dodgy URLS.
The social network's engineers said the utility, imaginatively dubbed ThreatData, collects software nasties shared by researchers and also throws in …
Trend, Sophos and McAfee flunk Vista SP1 anti-virus tests
Top tier anti-virus vendors including McAfee, Trend Micro, and Sophos all failed to secure Windows Vista SP1 in recent independent tests.
Virus Bulletin, the independent security certification body, said 17 of 37 anti-virus products tested failed to reach the VB100 certification standard. McAfee VirusScan, Trend Micro Internet …
Mac security packages range from peachy to rancid – antivirus tests
Updated
Independent tests of Mac antivirus products have discovered that the effectiveness of these security packages runs from a risible 20 per cent to an unimpeachable 100 per cent.
German security lab AV-TEST.org put 18 free and paid-for Mac OS X security products and services to the test, discovering widely differing performances in …
So which miscreants wrote the CosmicDuke info-slurping nasty?
Security researchers have uncovered a link between a Trojan and a recently discovered cyber-espionage tool which suggests cyber-spies behind recent attacks on Western governments cut their teeth writing conventional Trojans.
CosmicDuke combines elements from the Cosmu Trojan and a backdoor known as MiniDuke, previously …
Did you swipe your card through one of these UPS Store tills? You may have been pwned
UPS has discovered an outbreak of debit and credit-card-reading malware in 51 of its branches in the US.
Exactly which strain of malware was involved is not known; a spokesperson told The Register today: "We're still investigating the infection." It's hoped the identity of the malware will be revealed once that probe is complete …
Apple anti-virus advice was nothing new
One of the more famous Get a Mac ads boasted that Apple systems, unlike Windows boxes, didn't need anti-virus software. So when an article on an Apple support site encouraged the use of anti-virus software on Macs it seemed like news. In truth the article reiterated long-standing, though little publicised, advice from Apple. …
Dropbox used as command and control for Taiwan time bomb
A remote access trojan (RAT) is using Dropbox for command and control in a targeted attack against the Taiwanese Government, malware analyst Maersk Menrige says.
The upgraded PlugX RAT is the first targeted attack to use Dropbox to update command and control settings, Menrige said, as distinct from other malware and ransomware …
Flaw in MS anti-malware engine poses command override risk
Microsoft has updated its malware protection technology following the discovery of a bug which might, given a plausible but unlikely set of circumstances, allow a hacker to gain root access to vulnerable systems.
Would-be hackers would already need to have access to targeted systems in order to exploit the privilege escalation …
Poison PDF pusher released to public
Attacking enterprises just got easier with the development of an idiot-friendly tool that spits out booby-trapped PDFs with a few clicks.
The tool weaves existing exploits into PDFs, allowing attacks against Adobe Reader and Acrobat versions 8.x prior to 8.2.1 and 9.x before 9.3.1.
Users can insert their own URL pointers into …
Hackers seed malware on Indian anti-virus site
Hackers planted malicious script on the site of an Indian anti-virus firm this week. The website of AVsoft Technologies was attacked by unidentified miscreants in order to distribute a variant of the Virut virus.
AVsoft Technologies makes the SmartCOP antivirus package. One of the download pages of the site was boobytrapped with …
Security SEE-SAW: $3 MEEELLION needed to fight a $100k hack
It costs a whopping $3.1m to defend against a $100,000 advanced attack, a security duo claims.
The imbalance - well-known to security pros - was illustrated in research presented by Microsoft security strategist Paul McKitrick and founder of security startup ICEBRG William Peteroy (@wepiv) at the Kiwicon hacker fest in …
Australian traffic lights need better security says auditor-general
The Auditor-General of the Australian State of New South Wales (NSW) and the state's roads bureaucrats are at loggerheads over whether or not traffic signal infrastructure is vulnerable to attacks over the Internet.
In a report on critical infrastructure security, the audit office asserts that “systems in place to manage traffic …
Twitter hit with rogue anti-virus scam
Twitter users over the weekend were the target of a scam that tried to infect them with rogue anti-virus software and other malware, in what is one of the first times the micro-blogging site has been hit by a known for-profit attack, a security researcher said.
The problem started after a flurry of tweets directed users to a …
Great Firewall of China blasts DDoS attacks at random IP addresses
An upgrade to China's Great Firewall is having knock-on effects all over the internet, with seemingly random sites experiencing massive traffic spikes.
One site owner in North Carolina, Craig Hockenberry, has written up how, after he looked into why his mail server was down, he found 52Mbps of search traffic piling into his …
Microsoft's OneCare flunks anti-virus test
Microsoft's Live OneCare placed last in a test on the effectiveness of anti-virus security packages by Austrian researchers.
AV Comparatives put 17 security packages through their paces to see how well they recognised a battery of nearly half a million items of malware.
Winner G Data Security's AntiVirusKit (AVK) identified …
Swayze death exploited to serve up fake anti-virus
Miscreants have moved swiftly to establish malicious websites designed to rip off users searching for more information on the death of actor Patrick Swayze on Monday.
Black-hat search engine manipulation means that many sites that appear prominently in search engine results point to sites slinging fake anti-virus scanners. …
Microsoft launches anti-virus public beta
Microsoft has released a free beta of its upcoming anti-virus application.
According to Microsoft, the new anti-virus application known as Windows OneCare Live consumer beta is "like taking your PC in for a tune up at the service station". The release is part of the forthcoming Windows OneCare set of deliverables, and yesterday …
OK, we get the message, Microsoft: Windows Defender splats 1000s of WinXP, Server 2k3 PCs
Microsoft has fixed a snafu with Windows Defender that took down thousands of business PCs and servers running Windows XP and Server 2003.
The software giant responded to sysadmins complaining on TechNet that large numbers of their machines were borked after they’d installed Microsoft’s latest set of antivirus definitions.
Once …
Google unveils Windows 8.1 zero-day vuln – complete with exploit code
Google has made public the details of a security vulnerability in Windows 8.1 a mere 90 days after disclosing it to Microsoft, sparking debate over the wisdom of the online giant's Project Zero security initiative.
The bug, which was privately reported to Microsoft in September, can potentially allow a logged-in user to execute …
Crooks fling banking Trojan at Japanese smut site fans
Cybercrooks are targeting Japanese smut site aficionados with a new banking Trojan run.
The Aibatook malware is targeting customers of Japanese banks who are also visitors on some of the country's most popular pornographic websites.
Security researchers at anti-virus firm ESET estimated that more than 90 smut sites have been …
Pen-testers outline golden rules to make hacks more €xpen$ive
Podcast
Not one administrator to rule them all, but a few: that's the advice offered by seasoned penetration testers Aaron Beuhring and Kyle Salous to enterprises wanting to be less attractive to hackers.
In a presentation at the MIRCon 2014 conference in Washington the duo listed a series of low cost changes to access controls, …
L337 crackrz use dumb passwords too
Black hats are just as blithe about the passwords they use as the rest of the world, according to a bit of research by security outfit Avast.
The anti-virus company's Antonín Hýža, writes here that after he'd built a dictionary of hacked hackers' passwords, the most common password was “hack”.
Hýža says his work began because …
Kmart apologizes to customers after month-long security breach
Discount store Kmart admitted some customers’ payment cards have likely been “compromised” as it became the latest mega retailer to fall victim to cyber-crims.
The parent of the chain, Sears Holding Corp, said the IT team discovered late Thursday that its payment systems had been breached, and further investigations indicate …
FLASH drive ... Ah-aaaaaah! BadUSB no saviour to plug and play Universe
The seriousness of a USB security weakness, which could potentially allow hackers to reprogram USB drives, has been ratcheted up a notch, with the release of prototype code.
Researchers Karsten Nohl and Jakob Lell, from German security skunkworks SR Labs, demonstrated how it might be possible to reprogram the firmware within …
