Articles about Anti-Virus

Hackers add exploit kit to article asking 'Is cyber crime out of control?'

Hackers have hosed an article published by The Guardian using the world's nastiest exploit kit Angler to pop the machines of exposed readers. The attack firmly answers the article's headline positing the question 'is cybercrime out of control', based on arguments in a book by one Misha Glenny. Angler is the most capable and …
Darren Pauli, 11 Dec 2015

Kaspersky, McAfee, and AVG all vulnerable to major flaw

Some of the biggest names in the security software business have been compromised by a serious flaw that could allow a hacker to use the commercial security code to infiltrate computers. In March, researchers at security firm enSilo found a serious flaw in popular free antivirus engine AVG Internet Security 2015. They found …
Iain Thomson, 10 Dec 2015

GCHQ v Privacy International: Computer hacking tribunal showdown begins

GCHQ is being challenged over its offensive hacking practices at a hearing that started on Tuesday morning. The challenge is being heard by the Investigatory Powers Tribunal, which is the only judicial body in the country with the authority to hear complaints about the intelligence agencies. Two complaints were filed last year …

Malvertising: How the ad model makes crime pay

Feature The exploitation of online advertising networks by malware-flingers is expected to cause up to $1bn in damages by the end of this year, but despite ongoing regulatory efforts, it is not clear to whom the liability for these enormous losses will fall. The increasing sophistication with which online advertisers profile users …

How cyber insurance actually works

A couple of weeks ago El Reg carried an article by Mark Pesce about the likely evolution of Cyber Insurance. Reg reader and insurance industry veteran Tom Whipp agreed with most of his sentiments, but wasn’t so keen on his conclusions and demanded his stint on the Reg soapbox. So, take it away Tom. I’ve worked in security and …
Tom Whipp, 23 Nov 2015

Criminals are mostly hacking-by-numbers with exploit kits

Exploit kits are dominating the criminal hacking industry, but even though code fiends prefer colour-by-numbers cracking kits, that isn't stopping them from assembling a vast command and control army: domain name servers linked to popular kits are up 75 percent in the third quarter compared to 2014, according to a report. It …
Darren Pauli, 19 Nov 2015

3ROS exploit wins plaudits for the prettiest Mal-GUI ever

The 3ROS exploit kit is one of the most user-friendly malware tools to have emerged and will likely spawn variants, malware men say. Exploit kits are the preferred method of infecting large numbers of web users. The malware often packs a series of known and zero day exploits against major browsers and software like FireFox and …
Darren Pauli, 16 Nov 2015

GCHQ director blasts free market, says UK must be 'sovereign cryptographic nation'

IA15 Speaking this morning to CESG's Information Assurance conference, Robert Hannigan, director of GCHQ, declared that Britain was a "sovereign cryptographic nation" and reproached the free market's ability to provide adequate cybersecurity. The claim was delivered to a cybersecurity shindig attended by government employees and …

Read the Economist last weekend? You may have fetched more than just articles (yup, malware)

Third bathroom reading material The Economist served malware from its website via the compromised PageFair network. The biz mag today alerted readers that it put their PCs at risk last weekend. "If you visited economist.com at any time between Oct. 31, 23:52 GMT and 01:15 GMT, Nov. 1, using Windows OS and you do not have …
Shaun Nichols, 06 Nov 2015

Insurance companies must start buying security companies

The insurance industry encompasses a very odd paradox: it wouldn’t exist without risk, yet does everything in its power to remove any risks for its policy-holders. Insurers only make money if they don’t pay out, and they won’t pay out if they can keep you from doing any of the things they’ve identified as risky. We’re already …
Mark Pesce, 29 Oct 2015

Lancashire Police warn of malware email impersonation scam

Lancashire Police are warning ordinary folk not to open phishing email purporting to be from the plod. Users have apparently been targeted in a "widespread" scam seeking to obtain personal information through a malware attachment. "If you have opened an email or attachment from us and are now experiencing problems with your …
Kat Hall, 22 Oct 2015

Microsoft now awfully pushy with Windows 10 on Win 7, 8 PCs – Reg readers hit back

Updated Have you noticed Microsoft being a little too eager in pushing its Windows 10 upgrade lately? You're not alone. The Reg news tip inbox has been awash the past few days with readers reporting that the newest version of Windows has been forcing itself onto computers amid other operating system updates, and sometimes even …
Shaun Nichols, 15 Oct 2015

AVG defends plans to flog user data as privacy row continues

Security software firm AVG has defended changes in its privacy policy, due to come into effect on Thursday (15 October), allowing it to collect and resell users’ anonymised web browsing and search history. AVG argues that it has no immediate plans to monetise users’ browsing habits. However, independent security experts remain …
John Leyden, 14 Oct 2015

By the numbers: The virtualisation options for private cloud hopefuls

VMware, Hyper-V ... XenServer? When it comes to virtualisation, these are the three most frequently cited options. And this would have been OK in the days before cloud, when virtualisation was “just” something the boys and girls down in the sysadmin branch of the IT department cared about. Now we do have cloud, and private …
Tom Baines, 05 Oct 2015

Vigilante VXer FIXES SOHOpeless routers

Threat boffin Mario Ballano says VXers have broken into a host of routers creating a botnet dedicated solely to securing and hardening the devices. The Symantec security man says the botnet first detected in November last year has not launched a single denial of service attack or undergone any form of black hat activity in the …
Darren Pauli, 02 Oct 2015

Rusky antivirus company FIRE BOMBED for research blogs

Russian ATM VXers have firebombed the research lab of an anti-virus firm after its researchers refused to retract reverse engineering analysis of their malware. The attack followed email threats by the group calling itself the 'Syndicate' to the Moscow company which sold the Shield antivirus product that prevented the gang's …
Darren Pauli, 30 Sep 2015

AVG to flog your web browsing, search history from mid-October

Changes in the privacy policy of AVG's free antivirus doodad will allow it to collect your web browsing and search history – and sell it to advertisers to bankroll its freemium security software products. The changes will come into play on 15 October, according to the Czech-based biz in a blog post. The revised privacy policy …
John Leyden, 21 Sep 2015

'I may be winning this ad-blocker game, but I hate it. I'm outta here (with $100k). Buh-bye'

QuoTW We do hope you've enjoyed this week of botched Apple updates, unlikely Linux lovers and surprise birthday gifts. Here are our favourite quotes. Bitcoin backers have had a long and contentious relationship with sovereign states, and this week they got some unwanted recognition from the US. The Commodity Futures Trading …
Team Register, 20 Sep 2015

The last post: Building your own mail server, part 2

Feature Last week, I explained the reasoning behind setting up your own mailserver, and the choice of software that I'll be using for it. This week, it's time to get hands on and show you how to do it. One word of advice, though: this is my configuration, and there are lots of options for tweaking, not to mention different ways to do it …
Nigel Whitfield, 19 Sep 2015

'I promise you I will win', says completely sane presidential candidate John McAfee

QuoTW This week new iStuffs were showcased, a scary luggage hack popped up and a gaming icon turned 30. Now for some of the best quotes from the past seven days. America's favourite gun-toting anti-virus tycoon John McAfee has thrown his hat into the 2016 presidential race. McAfee has made himself the official cyber party …
Team Register, 13 Sep 2015

TorrentLocker scum have better email lists than legit devs, telcos

Spammers deploying the TorrentLocker ransomware are so good at targeting victims that their poison emails hit the mark more frequently than those sent by legitimate software companies and professional marketers. Trend Micro's just analysed the malware in a report titled TorrentLocker Landscape: Targeting Even More Victims in …
Darren Pauli, 09 Sep 2015

Gloves on as Googler deposits foul zero-day on Kaspersky lawn

Google security man Tavis Ormandy has revealed a dangerous remote zero day vulnerability in Kaspersky kit that grants attackers system privileges. The bug is a remote "zero interaction" buffer overflow affecting default installation configurations of the latest anti-virus software versions. "So, about as bad as it gets," …
Darren Pauli, 08 Sep 2015

Viral virus bunfight: Dr Web tested rivals like Kaspersky Lab

Russian anti-malware firm Dr.Web tested rivals to see if they blindly accepted malware reports shared through cross-industry intelligence systems like Kaspersky Lab, according to investigative reporter Brian Krebs. However, Dr.Web stopped short of using services such as VirusTotal to trip up rivals, the focus of fiercely …
John Leyden, 02 Sep 2015

Sysadmin ignores 25 THOUSAND patches, among other sins

On-call And that's one of the easier chores our reader found himself faced with in a new temp job. Most weekends, our On-Call feature looks at the odd situations readers find themselves in when called to do something on a client site or in the dead of night. This week we're making an exception for reader “Bill”, who rates himself as “ …
Simon Sharwood, 23 Aug 2015

Net scum respect their elders so long as it leads to p0wnage

Net scum are employing both cool new attacks like the Angler exploit kit and oldies-but-goodies such as macro viruses, in something of a generational clash, with Cisco reporting that both Word macros and the sophisticated Angler exploit kit are the most popular attack vectors this year. Blackhats dumped macros as an …
Darren Pauli, 20 Aug 2015

Ransomware blueprints published on GitHub in the name of education

Turkish security bod Utku Sen has published what appears to be the first openly available source code for ransomware – free for people to use and spread. The "Hidden Tear" ransomware, available on GitHub, is a functional version of the malware the world has come to hate; it uses AES encryption to lock down files and can …
Darren Pauli, 18 Aug 2015

Kaspersky Lab denies tricking AV rivals into nuking harmless files

Kaspersky Lab deliberately fed bogus malware to its rivals to sabotage their antivirus products, two anonymous former employees allege. Kaspersky says the accusations are false. Reuters reported today that two ex-Kaspersky engineers claim they were tasked with tricking competing antivirus into classifying benign executables …
John Leyden, 14 Aug 2015

John McAfee launches cert authority but it's got a POODLE problem

Eccentric infosec man John McAfee is now the proprietor of a Certificate Authority named BlackCert. Fresh from a shootout friendly discussion with police over drug and firearm possession, the one-time anti-virus boss has made what is badged as a disruptive play into SSL. BlackCert will offer unlimited use of SSL certificates …
Darren Pauli, 13 Aug 2015

Bunitu botnet crooks sell your unencrypted VPN traffic for £££

Cyber-crooks behind the Bunitu botnet are selling access to infected proxy bots as a way to cash in from their network. Users (some of whom may themselves be shady types, as explained below) who use certain VPN service providers to protect their privacy are blissfully unaware that back-end systems channel traffic through a …
John Leyden, 11 Aug 2015

Five-star Flash phish filched from Hacking Team targets bigwigs

The DarkHotel global advanced threat actor group is targeting suit-wearing types with an old-school HTML application stuffed with the Adobe Flash exploit borrowed from stolen Hacking Team data. The flaws were quickly patched after the Hacking Team goring in July, but DarkHotel appears to have started targeting the exploits …
Darren Pauli, 11 Aug 2015

'Cops KNOW WHO I AM and I don't believe their hearts were truly in the shootout'

QuoTW It was a week of Firefox flaws, unruly Windows and big game news. Here were our favorite quotes from the past seven days: We may have arrived in the Windows 10 era but over in Wales, IT still parties like it's 2001. NHS systems have been found to still be running the ancient operating system Windows XP on their desktops. …
Team Register, 09 Aug 2015

Slippery Windows Updates' SOAP bubbles up SYSTEM privileges

Blackhat 2015: Microsoft has bungled Windows Server Update Services (WSUS), according to hackers Paul Stone and Alex Chapman, with insecure defaults that let them hijack OS updates. Attackers that have previously gained admin privilege on a target system can elevate themselves to system-level access by skipping the normal signed update …
Darren Pauli, 07 Aug 2015

Xen hardens up with zero-footprint guest introspection code

The Xen Project's had a nasty run with security of late, thanks to a run of five bad bugs, but has revealed plans to improve matters in the forthcoming version 4.6 of its open-source hypervisor. The Project's new weapon is called libbdvmi and addresses the fact that running security software on a guest virtual machine can be …
Simon Sharwood, 05 Aug 2015

Sun? In Blighty? Nah, just build that rooftop data centre, it’ll be fine

On-Call Welcome again to On-Call, our regular tale of things that happen when readers are called in to fix big messes on weekends and evenings. Before we get to this week's tale, a quick reminder we've some prizes for new submissions as part of our Sysadmin Day celebrations. Write to me if you've a story of being called out to do …
Simon Sharwood, 02 Aug 2015

'Plague Scanner' controls multiple AV engines, for $0.00

Security researcher Robert Simmons has released a tool that offers a new level of stealth to the malware cat-and-mouse skirmish by shrouding binary analysis. "Plague Scanner" is a free on-premise anti-virus framework - a class of tool that drives multiple anti-virus scanners at once - and is the only free alternative to …
Darren Pauli, 27 Jul 2015

Three Estonians jailed for malware spree that infected 4 MILLION computers

Three Estonians have been sentenced to a cumulative 11 years for their cybercrime activities which infected more than four million computers with malware across more than 100 countries. The three crims, who were sent down by US District Judge Lewis A. Kaplan in Manhattan on Thursday, were: Timur Gerassimenko, 35, who received …

Norton for Windows 10 is NOT a box-borking beta, insists Symantec

A recent update to Norton designed to add compatibility for Windows 10 is incompatible with mainstream Windows releases, according to some users. Symantec is denying that these issues are anything worse than teething problems, although this has so far failed to placate critics. Users are loudly complaining about borked Win 8. …
John Leyden, 20 Jul 2015

Cyber-security's dirty little secret: It's not as bad as you think

New research from the Global Commission on Internet Governance has reached a surprising conclusion: cyberspace is actually getting safer. The report [PDF] starts from a simple enough premise: while we are constantly told that incidents of cyberattacks and online security threats are increasing, are they growing relative to the …
Kieren McCarthy, 18 Jul 2015

FireEye intern nailed in Darkode downfall was VXer, say the Feds

A former intern at security company FireEye has been arrested for creating and selling the slick and sophisticated Dendroid malware program after being caught in a global police sting that obliterated the Darkode cybercrime forum. Prosecutors say that Morgan Culbertson, 20, of Pittsburgh, was most recently working as a …
Darren Pauli, 16 Jul 2015

Malwarebytes slurps startup, hopes to belch out Mac malware zapper

Security software firm Malwarebytes is moving into the Mac security software market with the acquisition of a start-up and the launch of its first anti-malware product for Apple computers. Malwarebytes Anti-Malware for Mac is designed to detect and remove malware, adware, and PUPs (potentially unwanted programs). The release …
John Leyden, 15 Jul 2015

VXers charge Nintendo fans then p0wn their data

Palo Alto Networks researchers Cong Zheng and Zhi Xu are warning of a new form of malware that is masquerading as a paid Nintendo emulator for Android devices. The Gunpoder malware takes the form of an app packaged with the Airpush ad library making it difficult for anti-virus engines to detect. Zheng and Xu say the ads help …
Darren Pauli, 09 Jul 2015

As the US realises it's been PWNED, when will OPM heads roll?

Heads are set to roll at the Office of Personnel Management as director Katherine Archuleta continues to receive a grilling from Senate committees, who are beginning to realise that the country's entire intelligence workforce has been utterly pwned, probably by a hostile nation. Archuleta, alongside OPM's Chief Information …

We need to know about the Internet of Things, say US Senators

As US lawmakers call on the Government Accountability Office to assess the world of the Internet of Things, Eugene Kaspersky has unloaded on the thingification of home appliances. A bipartisan group of US Senators (Brian Schatz and Cory Booker for the Democrats, Deb Fischer and Kelly Ayotte for the Republicans) released the …

NOD32 AV remote root wormable hack turns corporate fleets to meat

Google Project Zero bod Tavis Ormandy has disclosed a "trivial" means of remotely hacking the ESET NOD32 antivirus platform. Ormandy's finding prompted the Slovak company to rush out a patch a day before his disclosure overnight. The remote-root exploit is potentially wormable and, he said, of practical value to criminals. "Any …
Darren Pauli, 25 Jun 2015

GCHQ: Security software? We'll soon see about THAT

The UK's spook agency GCHQ has been working with the National Security Agency to subvert anti-virus software, according to the latest piece of spoon-fed Snowden info reported on The Intercept. According to Glenn Greenwald's rag, spooks reverse-engineered software products in order to obtain intel – a tactic that will surely …
Kat Hall, 23 Jun 2015

FLICK my FLINT and SNIFF my TREE on the streets of Naples

Something for the Weekend, Sir? "See Naples and die" the saying goes. After visiting the city recently, I can believe it. Hang around there long enough and you’ll be dead. The likely causes of your imminent death in Naples are many: you might be run over by a motor scooter, stumble into a pothole in the broken pavements, get hit by falling …
Alistair Dabbs, 20 Jun 2015

CISOs' newest fear? Criminals with a big data strategy

CIO Manifesto We again gathered an eclectic mix of IT execs including some CISOs, CTOs etc, in a secret bunker to discuss whether we’re winning the security battle. OK, the “bunker” was a meeting room under the Soho Hotel, but not only are we not winning, it is not even clear what winning actually means. On Target Our IT execs happily …
Dominic Connor, 19 Jun 2015

Confusion reigns as Bundestag malware clean-up staggers on

A malware infestation at the Bundestag is proving harder to clean up than first predicted, with several unconfirmed local reports going as far as suggesting that techies might have to rebuild the entire network from scratch. As previously reported, a state-sponsored attack is suspected for the widespread infection of systems …
John Leyden, 12 Jun 2015

It's 2015 and Microsoft has figured out anything can break Windows

Microsoft head software engineer Lee Holmes says Windows 10 applications will now be able to plug into installed anti-virus platforms to better combat malicious scripts. Holmes says the Windows 10 Antimalware Scan Interface (AMSI) will allow apps and services to use anti-virus to find badness operating in memory. He says most …
Darren Pauli, 12 Jun 2015

Trustwave: Here's how to earn $84,000 A MONTH as a blackhat

Exploit kit traders and ransomware slingers are in one of the most profitable industries in the world, landing a whopping 1,425 percent profit margin for raiding legitimate trade. Figures from infosec firm Trustwave show the blackhats who are enjoying what appears to be a current boom can score outrageous amounts of money by …
Darren Pauli, 10 Jun 2015