Articles about Anti-Virus

Five-star Flash phish filched from Hacking Team targets bigwigs

The DarkHotel global advanced threat actor group is targeting suit-wearing types with an old-school HTML application stuffed with the Adobe Flash exploit borrowed from stolen Hacking Team data. The flaws were quickly patched after the Hacking Team goring in July, but DarkHotel appears to have started targeting the exploits …
Darren Pauli, 11 Aug 2015

MS scolds businesses for failing to eradicate 7-year-old malware

Zero-day threats and custom malware get all the publicity, but age-old malware strains including ZeuS and Conficker remain active in UK corporates. “The bad guys don’t have to be smart, they can use something that’s 7-8 years old,” Stuart Aston, chief security advisor at Microsoft UK, told delegates at the RSA Unplugged mini- …
John Leyden, 04 Jun 2015

Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER

Amnesty and Privacy International are offering a free-of-charge spyware detection tool designed to help journalists and human rights activists stay one step ahead of government surveillance. The Windows-only Detekt anti-spyware tool is designed to be a supplement, rather than an alternative, to pre-existing anti-virus protection …
John Leyden, 20 Nov 2014

BitDefender launches 'suck it and see' free anti-virus scanner

Romanian anti-virus firm BitDefender has begun offering a free version of its anti-virus scanner software to consumers. Similarly cut-down versions of BitDefender's anti-phishing and chat encryption software are also being offered at no charge to home users. The launch of free editions of its security suites is designed to …
John Leyden, 21 May 2009

Net scum respect their elders so long as it leads to p0wnage

Net scum are employing both cool new attacks like the Angler exploit kit and oldies-but-goodies such as macroviruses in something of a generational clash, with Cisco reporting that both Word macros and the sophisticated Angler exploit kit are the most popular attack vectors this year. Blackhats dumped macros as an …
Darren Pauli, 20 Aug 2015

Iran cuts off oil plants hit by mystery data-destroying virus

Malware discovered at an Iranian oil terminal forced Iran to disconnect key oil facilities on Sunday. Authorities said an unnamed data-deleting virus prompted them to disconnect the main oil export terminal on Kharg Island in the Persian Gulf. The websites of the Iranian oil ministry and the National Iranian Oil firm went dark …
John Leyden, 25 Apr 2012

Three Estonians jailed for malware spree that infected 4 MILLION computers

Three Estonians have been sentenced to a cumulative 11 years for their cybercrime activities which infected more than four million computers with malware across more than 100 countries. The three crims, who were sent down by US District Judge Lewis A. Kaplan in Manhattan on Thursday, were: Timur Gerassimenko, 35, who received …

Trustwave: Here's how to earn $84,000 A MONTH as a blackhat

Exploit kit traders and ransomware slingers are in one of the most profitable industries in the world, landing a whopping 1,425 percent profit margin for raiding legitimate trade. Figures from infosec firm Trustwave show the blackhats who are enjoying what appears to be a current boom can score outrageous amounts of money by …
Darren Pauli, 10 Jun 2015

Blocking mobile adverts just became that little bit easier

For those mobile operators wanting to block adverts and prevent them reaching subscribers' screens (all in the name of reducing bandwidth usage and saving customers’ money of course) Israeli tech company Shine can make that happen. “There is a lot of grey in there between advertisers and publishers,” said Roi Carthy, the company …
Simon Rockman, 19 May 2015

GCHQ: Security software? We'll soon see about THAT

The UK's spook agency GCHQ has been working with the National Security Agency to subvert anti-virus software, according to the latest piece of spoon-fed Snowden info reported on The Intercept. According to Glenn Greenwald's rag, spooks reverse-engineered software products in order to obtain intel – a tactic that will surely come …
Kat Hall, 23 Jun 2015

Anti-virus vendor trio plug website flaws

White-hat hackers have uncovered vulnerabilities on the websites of anti-virus firms that created a phishing risk. Cross-site scripting (XSS) bugs of varying severity were found on the websites of Symantec (here), Eset (here) and Panda Security (here) by Team Elite, the white-hat hackers who discovered the flaws. We notified all …
John Leyden, 04 Oct 2010

NOD32 AV remote root wormable hack turns corporate fleets to meat

Google Project Zero bod Tavis Ormandy has disclosed a "trivial" means of remotely hacking the ESET NOD32 antivirus platform. Ormandy's finding prompted the Slovak company to rush a patch a day before his disclosure overnight. The remote-root exploit is potentially wormable and, he said, of practical value to criminals. "Any …
Darren Pauli, 25 Jun 2015

New twist as rogue antivirus enters death throes

A rogue anti-virus program called Defru has taken to the browser to find a smarter way of infecting users, Microsoft researchers say. The Defru malware blocks users from visiting certain websites and instead displays warnings about fake perceived threats while the correct intended web address was still displayed. Most victims …
Darren Pauli, 21 Aug 2014

Sophos punts anti-virus for Klingons

Sophos is now offering anti-virus protection for Klingon speakers. According to the company, you can use Klingon Anti-Virus from Sophos to "quickly perform an on-demand scan and find viruses, spyware, adware, zero-day threats, Betazoid sub-ether porn diallers, and Tribbles that your existing protection might have missed." But …
Cade Metz, 18 May 2009

Cybercrime taskforce collects huge botnet scalp on first go

A sophisticated botnet has been neutered by a consortium starring the Dutch National High Tech Crime Unit and the Joint Cybercrime Action Taskforce. The botnet, known by a number of names, including AAEH and Beebone, was a "polymorphic downloader bot" which installed various forms of malware on victims’ computers. Like an …

Slippery Windows Updates' SOAP bubbles up SYSTEM privileges

Blackhat 2015: Microsoft has bungled Windows Server Update Services (WSUS), according to hackers Paul Stone and Alex Chapman, with insecure defaults that let them hijack OS updates. Attackers that have previously gained admin privilege on a target system can elevate themselves to system-level access by skipping the normal signed update …
Darren Pauli, 07 Aug 2015

US hospitals to treat medical device malware with AC power probes

Two large US hospitals will in the next few months begin using a system that can detect malware infections on medical equipment by monitoring AC power consumption. The unnamed hospitals will be the first in a list to test the add-on monitoring platform dubbed WattsUpDoc to check for potentially life-threatening malware running …
Darren Pauli, 27 Apr 2015

France fingered as source of Syria-spying Babar malware

France's spy agency has been fingered as the likely author of complex reconnaissance malware, researchers say. The Casper malware is one of a handful with links to the Babar spy program which leaked NSA documents revealed last month to be the handiwork of France's Direction Générale de la Sécurité Extérieure (General Directorate …
Darren Pauli, 06 Mar 2015

Nasty Dyre malware bests white hat sandboxes

Seculert CTO Aviv Raff says a nasty piece of malware linked to widespread destruction and bank account plundering has become more dangerous with the ability to evade popular sandboxes. Raff says the Dyre malware ducks popular sandbox tools by detecting the number of cores in use. The known but effective and previously unused …
Darren Pauli, 04 May 2015

Panda antivirus labels itself as malware, then borks EVERYTHING

Panda users had a bad hair day on Wednesday, after the Spanish security software firm released an update that classified components of its own technology as malign. As a result, enterprise PCs running the antivirus software tied themselves in something of a knot, leaving some systems either unstable or unable to access the …
John Leyden, 11 Mar 2015

Google guru blasts Android virus doomsayers as 'charlatans'

Google's open-source program manager has launched an entertaining rant against firms offering mobile security software, accusing them of selling worthless software and of being "charlatans and scammers". Chris DiBona, Google's open-source programs manager, argues that neither smartphones based on Google's Android nor Apple's iOS …
John Leyden, 21 Nov 2011

Fourth anti-virus firm buys into behavioural blocking

Web and email security firm Marshal8e6 has bought behaviour-based malware detection specialist Avinti. The terms of the deal, announced Tuesday, were undisclosed. Marshal8e6 said the deal would allow it to offer its customers improved protection against blended threats, emails that attempt to trick recipients into visiting sites …
John Leyden, 14 Apr 2009

Ukrainian cops silence old-skool virus tinkerers' playground

Ukrainian cops have shut down a long-running malware exchange website frequented by old-school virus writers. A message on the front page of the VX Heavens website announces that the site has been forced to shut up shop after the plods seized its servers last Friday as part of a criminal investigation. According to the shuttered …
John Leyden, 29 Mar 2012

Apple tells Mac users: Get anti-virus

For the first time, Apple is recommending the use of anti-virus tools to protect Mac systems. Long something of a phantom menace, strains of malware capable of infecting Mac machines have gradually been increasing in prevalence over recent months. In addition, VXers are making more use of web-based attack and applications …
John Leyden, 02 Dec 2008

FireEye intern nailed in Darkode downfall was VXer, say the Feds

A former intern at security company FireEye has been arrested for creating and selling the slick and sophisticated Dendroid malware program after being caught in a global police sting that obliterated the Darkode cybercrime forum. Prosecutors say that Morgan Culbertson, 20, of Pittsburgh, was most recently working as a …
Darren Pauli, 16 Jul 2015

Top vendors flunk Vista anti-virus tests

Security vendors including CA and Symantec failed to secure Windows systems without fault in recent independent tests. Twelve of the 35 anti-virus products put through their paces by independent security certification body Virus Bulletin failed to make the grade for one reason or another and therefore failed to achieve the VB100 …
John Leyden, 06 Aug 2009

Home Depot ignored staff warnings of security fail laundry list

Home Depot is facing claims it ignored security warnings from staff, who say prior to its loss of 56 million credit cards, it failed to update anti-virus since 2007, did not consistently monitor its network for signs of attack, and failed to properly audit its eventually-hacked payment terminals. The fixer-upper retail giant …
Darren Pauli, 22 Sep 2014

Confusion reigns as Bundestag malware clean-up staggers on

A malware infestation at the Bundestag is proving harder to clean up than first predicted, with several unconfirmed local reports going as far as suggesting that techies might have to rebuild the entire network from scratch. As previously reported, a state-sponsored attack is suspected for the widespread infection of systems …
John Leyden, 12 Jun 2015

Security software's a booming market. Why is Symantec stumbling?

Worldwide security software revenue totalled $21.4bn in 2014, a 5.3 per cent increase from 2013's revenue of $20.3bn, according to the serious bean counters at Gartner. A decline in consumer security software and endpoint protection (areas that together account for 39 per cent of the market) was more than offset by the strong …
John Leyden, 27 May 2015

Sourcefire jumps into anti-malware market

Sourcefire, the security biz behind the commercial versions of the open-source Snort intrusion-detection software, is bowling itself at enterprises and touting tech designed to quickly detect and block malware outbreaks. FireAMP offers a malware discovery and analysis tool that offers visibility of threats and outbreak control. …
John Leyden, 23 Jan 2012

15 MEEELLION malware-infested mobiles worldwide – report

Incidences of malicious software (malware) being identified on mobile devices rose 17% in the first half of this year, according to a new study. A report by French communications giant Alcatel-Lucent estimated that approximately 15 million mobile devices worldwide could be infected with malware. The report said that the mobile …
OUT-LAW.COM, 09 Sep 2014

Bunitu botnet crooks sell your unencrypted VPN traffic for £££

Cyber-crooks behind the Bunitu botnet are selling access to infected proxy bots as a way to cash in from their network. Users (some of whom may themselves be shady types, as explained below) who use certain VPN service providers to protect their privacy are blissfully unaware that back-end systems channel traffic through a …
John Leyden, 11 Aug 2015

ACHTUNG! Scary Linux system backdoor turns boxes into DDoS droids

Cybercrooks have cooked up a backdoor for Linux-powered systems that boasts multiple malicious functions. The Swiss Army Knife-style malware – dubbed Xnote.1 by Russian anti-virus company Doctor Web – can be used as a platform to mount distributed denial-of-service attacks and other evil activities. To spread the software nasty …
John Leyden, 10 Feb 2015

Looking for code work? Write fake anti-virus scripts

Updated A scareware purveyor has brazenly advertised for recruits on a mainstream job market website. A job ad on Freelancer.com offers work for a coder prepared to turn his hand to the creation of fake anti-virus website redirection scripts. However, prospective applicants are warned not to expect a big payday - the budget for the …
John Leyden, 25 May 2010

Free anti-virus scanner hits the cloud

Avira has added cloud technology to the latest version of its popular freebie anti-virus scanner. Version 10 of Avira AntiVir, released on Tuesday, adds cloud-based detection to a free-of-charge security scanner that competes with similar products offered by (Czech-firm ALWIL's) Avast and AVG. All three firms aim to move …
John Leyden, 24 Mar 2010

Would you trust 'spyproof' mobes made in Putin's Russia?

A Russian firm is developing its own anti-surveillance enterprise smartphone prototype - the TaigaPhone. The secure handset from Taiga Systems will bundle security software from sister security firm InfoWatch Group onto a hardened version of Android. The smartphone is likely to be positioned against the Blackphone, which has …
John Leyden, 02 Mar 2015

Google makes malware microscope Mac mod

Google has upgraded its popular VirusTotal analysis tool by adding a Mac OS malware uploader in a bid to better understand increasing attacks against Cupertino's fruity 'puters. The tool has been made available for OS X 10.8 and 10.9. Malware and suspicious URL samples uploaded to VirusTotal are checked against 52 anti-malware …
Darren Pauli, 27 May 2014

Author fined $500k in first US spyware conviction

A US man has been handed a US$500,000 fine for selling the StealthGenie malware in the first prosecution of a mobile spyware slinger. Police collared Hammad Akbar, 31, in September after he allegedly sold the malware to an undercover agent in 2012. Akbar, a Danish citizen, sold the StealthGenie malware capable of intercepting …
Darren Pauli, 30 Nov 2014

Aaah-CHOOO! Brit boffins say WiFi can 'sneeze' malware

While the "head cold" metaphor is a bit laboured, the issue is genuine: a group of researchers from the University of Liverpool have found that WiFi access points are highly efficient at passing around virus infections. Likening the spread of computer viruses over WiFi to the spread of human viruses in the air, the …

Knock Knock tool makes a joke of Mac AV

Security research and development bod Patrick Wardle has released a tool to reveal executables that automatically boot in Mac OS X. The Knock Knock tool was open source and built on an extensible framework to encourage the community to evolve the platform. Wardle, of consultancy Synack, said he designed the tool because he was …
Darren Pauli, 28 Oct 2014

Mozilla mulls Superfish torpedo

Firefox-maker Mozilla may neuter the likes of Superfish by blacklisting dangerous root certificates revealed less than a week ago to be used in Lenovo laptops. The move will be another blow against Superfish, which is under a sustained barrage of criticism for its use of a root certificate to launch man-in-the-middle attacks …
Darren Pauli, 23 Feb 2015

Dodgy Norton update borks UNDEAD XP systems

A dodgy Symantec update brought pain for those remaining Windows XP users who rely on Norton to keep their undead operating system free from viruses. In a statement, Symantec admitted the problem but downplayed its significance. This issue has now been resolved. The limited number of customers affected should run a Live …
John Leyden, 08 Sep 2014

Windows Registry-infecting malware has no files, survives reboots

Researchers have detailed a rare form of Windows malware that maintains infection on machines and steals data without installing files. The malware resides in the computer registry only and is therefore not easy to detect. Its code reaches machines through a malicious Microsoft Word document before creating a hidden encoded …
Darren Pauli, 04 Aug 2014

iPad anti-virus shield guards against phantom threat

Mac security specialist Intego has begun offering the first antivirus scanner capable of inspecting Apple's much-hyped iPad, despite the questionable need for security scans on the device. The iPad, which Apple began selling in the US last weekend, runs on the same operating system as the iPhone. Only jailbroken iPhones with …
John Leyden, 07 Apr 2010

Sysadmin ignores 25 THOUSAND patches, among other sins

On-call And that's one of the easier chores our reader found himself faced with in a new temp job. Most weekends, our On-Call feature looks at the odd situations readers find themselves in when called to do something on a client site or in the dead of night. This week we're making an exception for reader “Bill”, who rates himself as “ …
Simon Sharwood, 23 Aug 2015

Trend, Sophos and McAfee flunk Vista SP1 anti-virus tests

Top tier anti-virus vendors including McAfee, Trend Micro, and Sophos all failed to secure Windows Vista SP1 in recent independent tests. Virus Bulletin, the independent security certification body, said 17 of 37 anti-virus products tested failed to reach the VB100 certification standard. McAfee VirusScan, Trend Micro Internet …
John Leyden, 03 Apr 2008

Jamie Oliver serves up steaming pile of malware

Tousle-haired celebrity chef Jamie Oliver has served up a stomach-churning exploit kit to those who visit his web site. His eponymous .com site, ranked 519 in the UK and drawing some 10 million visitors a month, was compromised to plate-up the foul-tasting Fiesta exploit kit to compromise user machines. Malwarebytes senior …
Darren Pauli, 18 Feb 2015

Attackers raid SWISS BANKS with DNS and malware bombs

Attackers suspected of residing in Russia are raiding Swiss bank accounts with a multi-faceted attack that intercepts SMS tokens and changes domain name system settings, researchers have warned. The attacks sported a clever implementation of malware that pointed victim machines to replica phishing bank sites when they attempt to …
Darren Pauli, 23 Jul 2014

Credit card factories given new secure manufacturing rules

The world's payment card producers have released the latest guidelines to help interested businesses to protect payment data. Version 1.1 of the PCI Card Production Security Requirements (pdf) modifies and introduces features for physical and logical security advising on everything from printing PINs to guarding vaults. The …
Darren Pauli, 13 Apr 2015

Give us a week to GUT Superfish, begs Lenovo CTO

Lenovo's chief technology officer Peter Hortensius has issued another statement on how the company plans to handle Superfish. The missive explains that Lenovo has worked with anti-virus vendors to get their products flattening Superfish whenever a PC starts up and issued a removal tool. Hortensius says Lenovo is now “in the …
Simon Sharwood, 24 Feb 2015