Let me remind you that we also reported that Chinese hackers use McAfee antivirus to spread malware, and that ESET fixed a serious vulnerability in its products for Windows.
The bugs were discovered in December 2021, received the identifiers CVE-2022-26522 and CVE-2022-26523, and affect Avast and AVG antiviruses. Since Avast acquired AVG in 2016, the problems appeared to be related to the [...]
The researchers say that the bug was discovered a year ago, in April 2021, but Google, which owns VirusTotal, only recently gave permission to publish information about the vulnerability.
"After a deep security research by Cysource research team led by Shai Alfasi & Marlon Fabiano da Silva, we found a way to execute commands remotely within VirusTotal platform and gain access to its various scans capabilities," Cysource experts said.
Let me remind [...]
Vulnerability CVE-2022-20685 was rated 7.5 out of 10 on the threat rating scale. The problem is present in the Modbus preprocessor of the Snort discovery engine and affects all releases of the system up to version 2.9.19, as well as version 22.214.171.124.
Successful exploitation of vulnerabilities in network analysis tools like Snort can have a devastating impact on corporate and OT networks. Network analysis tools are an under-researched area [...]
Cyberthreat detection time fell to 21 days in 2021, compared to 24 days in 2020. Ransomware was detected on average within five days, while other attacks went undetected for 36 days in 2021, compared to 45 days in 2020.
However, the overall situation is getting better as more companies partner with third-party cybersecurity firms, and government agencies and cybersecurity companies often notify victims of attacks, resulting in faster detection.
One more positive trend: let me remind you that we wrote [...]
The latest vulnerability has the identifier CVE-2022-1040 and is rated as critical on the CVSS scale (9.8 points out of 10 possible).
The bug reportedly allows remote attackers to bypass authentication through the firewall’s user portal or web admin and then execute arbitrary code. The vulnerability was discovered by an anonymous researcher who reported it through the official bug bounty program and stated that the issue affects Sophos Firewall 18.5 MR3 (18.5.3) and earlier.
So far, little is known about attacks that exploit this [...]
Companies on this list are prohibited from purchasing telecommunications equipment and services, parts and components from US companies without specific government approval, and are not eligible for FCC funding. Let me remind you that such giants as Huawei and ZTE have already been included in this list.
According to the US authorities, the products of the banned companies pose a threat to US national security. The ban was imposed under a law that [...]
The BSI statement says that companies are better off replacing Kaspersky products with any other security solutions from non-Russian manufacturers. The agency justifies this by noting that antivirus software usually has high privileges on Windows systems and also maintains a permanent, encrypted connection with its servers. In addition, antiviruses can upload suspicious files to remote servers for further analysis, which means [...]
SharkBot, like its counterparts TeaBot, FluBot, and Oscorp (UBEL), belongs to the category of banking Trojans capable of stealing credentials from hacked devices and bypassing multi-factor authentication mechanisms. The malware first appeared on the scene in November 2021.
A distinctive feature of SharkBot is its ability to perform unauthorized transactions through automatic transfer systems (ATS), which distinguishes it from, for example, TeaBot, which requires a live operator to [...]
According to last year’s statistics, miners account for more than 86% of all cloud node compromises.
VMTD works without the use of software agents and constantly scans the memory of virtual machines deployed in Google Cloud for signs of increased CPU or GPU load, that is, the characteristic signs of miners.
As part of the product roadmap, the Security Command Center Team sought to build better protection for its Virtual Machine users. [...]
Let me remind you that web skimmers are also called MageCart attacks. Initially, the name MageCart was given to one hack group, which was the first to inject malicious code into websites in order to steal bank card data. As part of such attacks, hackers break into websites and then inject malicious code on their pages that records and steals payment card [...]