Articles about Security Software

Kids today are so stupid they fall for security scams more often than greybeards

Millennials are more likely to fall for tech support scams than baby boomers, Microsoft says. The findings are revealed in a recent Microsoft study that saw it poll peeps in the United Kingdom, the United States, Australia and nine other countries. Redmond's not revealed the number of respondents. Tech support scams take on …
Darren Pauli, 20 Oct 2016

It's finally happened: Hackers are coming for home routers en masse

Cybercrooks are increasingly targeting routers in consumers’ homes. Fortinet reports that attacks of this type have regularly figured as entries in its daily top 10 IPS (intrusion prevention system) detection list over the last three months since July. The security vendor reckons that home routers have become a favoured target …
John Leyden, 19 Oct 2016

Email security: We CAN fix the tech, but what about the humans?

Last month’s Mr Chow ransomware attacks serve as a timely reminder that security should be at the top of any business IT strategy. Ransomware is on the increase, at least according to the FBI and while it is not all email borne, it is an example of how sophisticated hackers and criminals are getting with technology. Certainly …

Trust the cloud, we’re getting the hang of securing it, says Unisys security chief

IPExpo Everyone’s starting to believe in public cloud but security remains an uphill battle, Unisys’ chief trust officer Tom Patterson told The Register this morning. “There are no four walls any more,” he said, sipping a cappuccino in London’s ExCel conference centre and referring to the traditional security model where threats were …
Gareth Corfield, 06 Oct 2016

Sophos to drop Quadsys after Five Avoid Jail

Sophos has finally “discontinued” its relationship with security reseller Quadsys after five of its staffers, three of whom were directors of the company, were sentenced for offences committed under the Computer Misuse Act last Friday. The Quadsys Five were first charged in August 2015, but while some vendors were quick to …

Quadsys Five walk free after hacking rival company

Five senior staffers at security reseller Quadsys managed to avoid imprisonment today. The Quadsys Five walked free from Oxford Crown Court this afternoon after a sentencing hearing - they had pleaded guilty in July to charges of securing unauthorised access to computer material, contrary to section 1 of the Computer Misuse …

Fingerprint tech makes ATMs super secure, say banks. Crims: Bring it on, suckers

Cybercriminals are hawking their claimed ability to exploit newly introduced biometric-based ATM authentication technologies. Many banks view biometric-based technologies such as fingerprint recognition to be one of the most promising additions to current authentication methods, if not a complete replacement to chip and PIN. …
John Leyden, 29 Sep 2016

Suspected Russian DNC hackers brew Mac trojan

Suspected Russian hackers fingered for hacking the United States Democratic National Committee (DNC) have brewed a trojan targeting Mac OS X machines in the aerospace sector, says Palo Alto researcher Ryan Olson. The malware relies on social engineering and exploits a well-known vulnerability in the MacKeeper security software …
Darren Pauli, 27 Sep 2016

Printers now the least-secure things on the internet

The Internet of Things is exactly as bad a security nightmare as pessimists think it is, according to Bitdefender's Bogdan Botezatu. The senior threat analyst at the Romanian security software company called by to chat to Vulture South while in Australia (we were, I suspect, meant to discuss the company's 2017 launches, but …

McAfee's back! Intel flogs security software biz, pockets $3.1bn

Intel is selling off a majority stake in its security software arm – formerly known as McAfee – to private equity firm TPG, which will rename itself to, er, McAfee. Chipzilla absorbed McAfee Inc in 2010 for $7.68bn, and in 2014 it phased out the McAfee brand name. According to Intel, that software division is today valued at …
Iain Thomson, 07 Sep 2016

Kaspersky Ireland R&D haus

Kaspersky Lab is opening a new R&D office in Ireland. With an initial investment of close to $5m, Kaspersky plans to create 50 new Dublin-based roles in the next three years. The new office will focus mainly on developing data analysis and machine learning technologies for the firm’s enterprise product line-up. The Russian …
John Leyden, 07 Sep 2016

Sophos Windows users face black screens after false positive snafu

Users of Sophos’s security software were confronted with a black screen on starting up their Windows PC over the weekend as the result of a borked antivirus update. The botched update meant that the Windows 7 version of winlogon.exe was incorrectly labelled as potentially malicious, resulting in chaos and confusion all …
John Leyden, 05 Sep 2016

Cisco rewards massive profit jump with thousands of layoffs

Cisco is reporting record financial numbers on the same day it says it will cut 5,500 employees from its payroll. Switchzilla says that the move is part of its ongoing campaign to shift its focus from slinging networking hardware to providing software and services for enterprises moving to software-defined networks (SDN). CEO …
Shaun Nichols, 17 Aug 2016

Tech support scammers mess with hacker's mother, so he retaliated with ransomware

Vengeful security boffin Ivan Kwiatkowski has infected the computer of an Indian tech support scammer with the Locky ransomware. Kwiatkowski inflicted the virus on the scammers after they attempted to fleece his parents. The retaliatory strike was easy for the French malware analyst; during a phone call with the scammers he …
Darren Pauli, 17 Aug 2016

McAfee outs malware dev firm with scores of installs

McAfee says a software company with more than 50,000 downloads on sites such as is distributing web browser hijacking and fraud malware. Researcher Santosh Revankar says Lavians Inc is pushing the browser redirect and home page hijacker which creates seeming problems that the company then attempts to fix …
Darren Pauli, 11 Aug 2016

IT security splurge surge

Worldwide spending on information security products and services will reach $81.6 billion in 2016, an increase of 7.9 per cent over 2015, according to research and advisory firm Gartner. Consulting and IT outsourcing are the largest categories of spending on information security, but this is poised to change. In the run-up to …
John Leyden, 09 Aug 2016

Snitches get stitches: Little Snitch bugs were a blessing for malware

DEF CON A vulnerability in popular OS X security tool Little Snitch potentially granted malicious applications extra powers, undermining the protection offered by the software. Little Snitch reports in real-time the network traffic entering and leaving your Apple computer, and can block unauthorized connections. It is a handy …
John Leyden, 03 Aug 2016

Kaspersky so very sorry after suggesting its antivirus will get you laid

Kaspersky has apologized for displaying a sexist pop-up advert in its security software. It's not sorry about showing adverts on people's PCs, however. The Russian giant's desktop software suite flings adverts, er, news items about Kaspersky products at users who have already paid for its applications. On Friday, one of these …
Iain Thomson, 29 Jul 2016

Security FUD and malware outbreaks boost Sophos' coffers

Revenues at Sophos were buoyed by the growing threat of ransomware and the like to its target mid-market customer base. For the quarter ending 30 June 2016, Sophos recorded revenues of $127.4m, 12.2 per cent up from the $113.5m its business brought in during Q1 2016. Kris Hagerman, chief executive officer, commented: "Our …
John Leyden, 28 Jul 2016

Bosses at UK infosec biz Quadsys confess to hacking rival reseller

Five men working at UK-based IT security reseller Quadsys confessed today to hacking into a rival's database. Owner Paul Streeter, managing director Paul Cox, director Alistair Barnard, account manager Steve Davies and security consultant Jon Townsend appeared before the beak at Oxford Crown Court. All five pleaded guilty to …
Paul Kunert, 21 Jul 2016

Flaws found in security products from AVG, Symantec and McAfee

Updated Hundreds of security products may not be up to the job, researchers say, thanks to flawed uses of code hooking. The research is the handiwork of EnSilo duo Udi Yavo and Tommer Bitton, who disclosed the bugs in anti-virus and Windows security tools ahead of their presentation at the Black Hat Las Vegas conference next month. …
Darren Pauli, 20 Jul 2016

Carbon Black snaps up cloud-dwelling threat-sniffing 'next-gen AV'

Endpoint security firm Carbon Black has bought "next-generation antivirus" firm Confer. Financial terms of the deal, announced today, were undisclosed. Carbon Black plans to re-badge Confer’s security software as “Cb Defense” and offer it alongside its existing roster of application control, incident response, and threat …
John Leyden, 19 Jul 2016

Your antivirus doesn't like Ammyy. And fraudsters will use that to RAT you out (again)

Crooks have once again targeted users downloading Ammyy's remote access software as a conduit for spreading malware. The tactic – which has been witnessed before, specifically in the infamous Lurk banking trojan – has been in play since early February, 2016. Ammyy Admin is a legitimate software package (used by top …
John Leyden, 19 Jul 2016

Silently clicking on porn ads you can't even see – this could be you...

Security firms have repeated warnings that unofficial versions of Pokemon Go are likely tainted with spyware or trojans. RiskIQ has found more than 215 unofficial versions of the app in more than 21 app stores. Separately security researchers at security software firm ESET warn that the first ever fake lockscreen app on the …
John Leyden, 15 Jul 2016

Symantec, Intel carve out diminishing slice of growing security market

Worldwide security software revenues rose 3.7 per cent to reach $22.1bn in 2015, according to analyst Gartner. Security information and event management (SIEM) remained the fastest-growing sub segment of the cybersecurity biz last year, experiencing 15.8 per cent growth. By contrast, consumer security software recorded a 5.9 …
John Leyden, 14 Jul 2016

Avast woos AVG shareholders with $1.3bn buyout offer

Avast is offering to buy anti-virus rival AVG for $1.3bn. AVG shareholders are being offered $25.00 per share in cash, a 33 per cent mark-up on the closing share price on Wednesday. AVG, Avast and rival Avira are the three main players in the market for freebie anti-virus scanners for Windows. All make their money by offering …
John Leyden, 07 Jul 2016

Android 'ransomware surge'

Ransomware attacks on Android devices running Kaspersky Lab's security software increased almost four-fold in a little more than a year, we're told. File-scrambling malware attempted to infiltrate 136,532 Kaspersky-protected Android users' gadgets at least once between April 2015 and March 2016, compared to 35,413 users in …
John Leyden, 30 Jun 2016

Intel mulls sale of Intel Security – reports

Opinion Intel is reportedly looking to offload its Intel Security arm. The IT giant is investigating options for Intel Security cyber security business, the FT reports. These options include selling off the security software business formerly known as McAfee that the chip-maker bought for $7.7bn back in August 2010. Intel is yet to …
John Leyden, 27 Jun 2016

Libarchive needs patching again

Users, developers, sysadmins – World+Dog, really – need to get busy patching libarchive, after Cisco Talos researchers turned up three new vulnerabilities. Described here, the bugs all relate to input validation. CVE-2016-4300 is a heap overflow in its handling of 7zip files: a malicious file can cause an integer overflow, …

Man-in-the-middle biz Blue Coat bought by Symantec: Infosec bods are worried

Analysis Symantec’s deal to buy Blue Coat, the controversial web filtering firm, for $4.65bn will bolster its enterprise security business. But some security experts are concerned about the potential for conflict of interest created by housing Symantec’s digital certificate business and Blue Coat’s man-in-the-middle SSL inspection …
John Leyden, 14 Jun 2016

Blue Coat readies for IPO

Security company Blue Coat Systems, Inc says that it will soon go public with an initial public offering (IPO). The enterprise security software vendor said that on Thursday it officially handed over paperwork to the US Securities and Exchange Commission to announce its plans to enter the New York Stock Exchange under the …
Shaun Nichols, 03 Jun 2016

It's been a breach-tastic year. And Sophos sales were good, apparently

Operating losses at security software firm Sophos have grown in its first year as a listed company – despite increased sales and an encouraging outlook overall. For the year-ending 31 March 2016, Sophos recorded an operating loss of $32.7 million on revenues of $478.2m. This compares to a loss of $0.5m on revenues of $446.7m …
John Leyden, 26 May 2016

Compression tool 7-Zip pwned, pain flows to top security, software tools

Some of the world's biggest security and software vendors will be rushing to patch holes in implementations of the popular 7-zip compression tool to stop attackers gaining full control of customer machines. Cisco security researcher Marcin Noga found and reported the holes to the maintainers of the open source 7-Zip platform …
Darren Pauli, 12 May 2016

Malware scan stalled misconfigured med software, mid-procedure

A user or reseller who couldn't be bothered configuring their antivirus properly has hit the headlines for interrupting doctors trying to insert a vascular catheter into a patient. As the FDA's Adverse Event Report says, an hourly malware scan stalled a Merge Healthcare Hemo unit, which collects patient vital signs, displays …

Finance bods SWIFT to update after Bangladesh hack

Security vendors are pushing for a more comprehensive revamp of the SWIFT international inter-bank financial transaction messaging system beyond an update prompted by an $81m hack against Bangladesh's central bank. The loss of $81m (part of an attempted $950m heist) in February’s Bangladesh cyber-heist – reckoned to be the …
John Leyden, 29 Apr 2016

Mobile antivirus sales offset declining search revenues for AVG

The scourge of Android malware is helping to bolster the bottom line of security software firm AVG but the firm still ended up recording a slight decrease in profits. For the first quarter ending 31 March 2016, AVG posted revenues of $107.9m, compared to $102.8m in Q1 2015, a rise of five per cent. Sales from AVG’s emerging …
John Leyden, 28 Apr 2016

Ex-NSA security expert develops generic Mac ransomware blocker

An Apple security expert has developed a free-of-charge standalone ransomware defense tool for OS X. Patrick Wardle, a former NSA staffer who now heads up research at crowdsourced security intelligence firm Synack, has built RansomWhere?, a generic ransomware detector. The utility works by suspending untrusted processes that …
John Leyden, 20 Apr 2016

Halfbreed trojan targets US banks

A new piece of malware has been linked to thefts of $4m from more than 24 American and Canadian banks in just a few days. Researchers at IBM reckon that hackers combined code from two malware types, known as Nymaim and Gozi, to create GozNym, a persistent and powerful trojan. Customers of numerous credit unions and popular e- …
John Leyden, 15 Apr 2016

Spear phishers target gullible Brits more than anyone else – survey

There’s been a sharp (35 per cent) increase in crypto ransomware attacks, with the UK ranked as the nation third most targeted with ransomware. The UK is also ranked as the most targeted nation for spear phishing attacks and the second most hit-upon country with social media scams, according to other findings from Symantec's …
John Leyden, 12 Apr 2016

Half of people plug in USB drives they find in the parking lot

A new study has found that almost half the people who pick up a USB stick they happen across in a parking lot plug said drives into their PCs. Researchers from Google, the University of Illinois Urbana-Champaign, and the University of Michigan, spread 297 USB drives around the Urbana-Champaign campus. They found that 48 …
Shaun Nichols, 11 Apr 2016

Patch out for 'ridiculous' Trend Micro command execution vuln

A bug in its software meant that Trend Micro accidentally left a remote debugging server running on customer machines. The flaw, discovered by Google’s Project Zero researcher Tavis Ormandy, opened the door to command execution of vulnerable systems (running either Trend Micro Maximum Security, Trend Micro Premium Security or …
John Leyden, 31 Mar 2016

Mal Men men hit LiveJournal with Angler exploit kit

Malwarebytes researcher Jerome Segura says malvertisers have served the world's most dangerous exploit kit - Angler - through compromised advertisements run on and news service The attacks are the latest in a string of brazen and successful malvertising campaigns that are smashing the web's most …
Darren Pauli, 30 Mar 2016

Met plod commissioner: Fraud victims should not be refunded by banks

A senior police commissioner has complained that it would be wrong to interpret his comments about preventing online fraud victims from claiming compensation as a proposal for online fraud victims being unable to claim compensation. Sir Bernard Hogan-Howe asserted that the problem was systemic, telling The Times: “The system …

US bank fended off 513 trojans last year alone

The most beleaguered bank in the United States was hit with 513 financial trojans last year, says Symantec threat bod Candid Wueest. The unnamed bank and Symantec customer was in the crosshairs of 78.2 percent of all financial trojans seen by the security firm last year. It is unknown if any of the malware samples gained a …
Darren Pauli, 24 Mar 2016

Police create mega crime database to rule them all. Is your numberplate in it? Could be

The police are to consolidate a number of their large databases into a single "platform" in order to "protect victims and spot potential links to other crimes." The plans for a "National Law Enforcement Data Programme" were announced by the Home Office today and will bring together data from the Police National Computer, …
Kat Hall, 23 Mar 2016

Quadsys Five enter 'not guilty' pleas to Crown court charges

The fraud case against five men from security reseller Quadsys will go to trial in September after they pleaded not guilty to allegations of hacking into a rival’s database to plunder customer and pricing data. The individuals charged include MD Paul Cox, owner Paul Streeter, director Alistair Barnard, account manager Steve …
Paul Kunert, 18 Mar 2016

Is this Romanian man really 'GhostShell'? If so, he risks arrest

Members of the security community are nonplussed by claims that a Romanian hacker “GhostShell” has seemingly risked arrest by doxxing himself in a bid to get a job in information security. The man claiming to be a one-time Anonymous-affiliated hacktivist avoided identification and arrest for four years before apparently outing …
John Leyden, 15 Mar 2016

Samsung PC, laptop owner? Better update the update tool

Users ought to upgrade following the discovery of a flaw in Samsung’s software update tool that opens the door to man-in-the-middle attacks. Security shortcomings in Samsung SW Update Tool, which analyses the system drivers of a computer, were discovered by Core Security. Following the discovery of this vulnerability, Core …
John Leyden, 11 Mar 2016

First OS X ransomware actually a scrambled Linux file scrambler

The world's first fully functional OS X ransomware, KeRanger, is really a Mac version of the Linux Encoder Trojan, according to new research from Romanian security software firm Bitdefender. The infected OS X torrent update carrying KeRanger looks virtually identical to version 4 of the Linux Encoder Trojan that has already …
John Leyden, 09 Mar 2016

Android trojan Triada implants itself into older mobes' 'brains'

Security researchers have discovered a trojan targeting Android devices that can be as complex and functional as Windows-based malware. The Triada trojan is stealthy, modular, persistent and written by professional cybercriminals, according to security researchers at Kaspersky Lab. The trojan can modify outgoing SMS messages …
John Leyden, 03 Mar 2016