Blog Archives – The Best Antivirus Software for 2022

Blog

Sort

VMware Fixes Critical Vulnerability in Cloud Foundation

VMware developers have released a patch for a critical vulnerability in the VMware Cloud Foundation hybrid cloud platform.

The issue was identified in the XStream open-source library used by Cloud Foundation and scored 9.8 out of 10 on the CVSS vulnerability rating scale.

By the way, we also said that Some Versions of VMware Carbon Black Cause BSODs on Windows.

The vulnerability, which received the identifier CVE-2021-39144, was discovered by experts from Source Incite and can lead to remote execution of arbitrary code without requiring authentication and any user interaction. The developers also warn that the operation of the bug difficult is not difficult at [...]

Critical Bug in VMware Products Is Used to Install Miners and Ransomware

Fortinet experts warn that hackers are still exploiting the critical bug in VMware Workspace ONE Access (CVE-2022-22954), thus spreading ransomware and cryptocurrency miners.

We also wrote that Some Versions of VMware Carbon Black Cause BSODs on Windows.

Let me remind you that the CVE-2022-22954 vulnerability is associated with remote arbitrary code execution and affects VMware Workspace ONE Access. The bug scored 9.8 out of 10 on the CVSS vulnerability rating scale, and VMware discovered and fixed the issue on April 6 this year. However, the attackers reversed this fix and within 48 hours created an exploit, which was then used to compromise yet unpatched servers.

In [...]

PoC Exploit for Critical Vulnerability in Fortinet Products Appeared

A PoC exploit has been published for the critical vulnerability CVE-2022-40684 in Fortinet products, which affects FortiGate firewalls, FortiProxy web proxy, and FortiSwitch Manager. This bug is rated 9.6 points out of 10 on the CVSS scale and allows a complete authentication bypass.

Let me remind you that we also wrote that Hackers leaked credentials of 500,000 Fortinet VPN accounts to the public.

Fortinet developers reported a critical vulnerability in their products earlier this week, and released patches for a dangerous problem that was already under attack at that time.

Authentication bypass using alternative path or channel [CWE-88] in FortiOS and FortiProxy allows [...]

Malwarebytes Antivirus Identified Google and YouTube Domains as Malicious

Malwarebytes, an antivirus company, caused real chaos in the systems of its Windows users a few days ago: the fact is that the program mistakenly identified any Google domains (including Google search and YouTube) as malicious and blocked access to them.

Let me remind you that we also reported that Microsoft Defender Mistakenly Saw a Threat in Chrome and Electron Apps, and also that Experts Found Long-Standing Bugs in Avast and AVG Antiviruses.

Last Wednesday, social networks received an avalanche of complaints from users of Malwarebytes antivirus who could not log into Google sites, YouTube, or use services such as G Suite, Gmail or the Google Play Store. At the same time, [...]

Researchers Created a TickTock Device to Detect Wiretapping

Experts from the National University of Singapore and Yonsei University have developed a TickTock device to detect wiretapping. TickTock can check if the microphone of a laptop or smartphone is being used to secretly record user conversations.

Let me remind you that we also wrote that Apple Introduces Lockdown Mode to Protect against Spying.

The device is based on the Raspberry Pi 4 Model B, but in the future, they want to make it look like a regular USB flash drive.

The gadget and the process of its creation are described in detail in a document published on ArXiv. The authors of the development note that remote “spy” attacks are becoming more and more [...]

Microsoft Defender Mistakenly Saw a Threat in Chrome and Electron Apps

Due to a bug in an update, Microsoft Defender incorrectly identified Google Chrome, Microsoft Edge, Discord, Spotify, and other Electron apps as a Win32/Hive.ZY threat every time they ran on Windows.

Let me remind you that we also said that Microsoft Defender Scanner for Log4j Problems finds non-existent bugs, and also that LockBit Ransomware Uses Windows Defender to Download Cobalt Strike.

The problem of false positives manifested itself last weekend, after the release of signature update 1.373.1508.0. This update includes two new threats, including the already mentioned Win32/Hive.ZY. Microsoft writes that this is a universal identifier for suspicious behavior, which will [...]

Some Versions of VMware Carbon Black Cause BSODs on Windows

Servers and workstations running Windows began to fail in dozens of organizations around the world – it turned out to be a bug provoked by some versions of the Carbon Black security product from VMware.

Carbon Black, acquired by the company in 2019, is a suite of cloud-based endpoint security tools “aimed at strengthening corporate cybersecurity.”

Let me remind you that we also wrote that Much of the Cybersecurity Budget Is Wasted.

The root of the problem affecting many companies lies in the rule set deployed on August 23, 2022 for Carbon Black Cloud Sensor versions 3.6.0.1979 – 3.8.0.398. This update causes devices to crash and cause a Blue [...]

Hack Group LockBit Announced the Hacking of the Information Security Company Entrust

Ransomware group LockBit has claimed responsibility for the June hack of cybersecurity firm Entrust. Hackers have already begun to publish data stolen from the company on their “leak site”.

Let me remind you that we also wrote that Grouping LockBit Announced the Hacking of the Information Security Company Mandiant, and also that LockBit Ransomware Uses Windows Defender to Download Cobalt Strike.

The Entrust hack became known back in June 2022. Then Bleeping Computer reported that the company suffered from te ransomware attack, during which data was stolen from its systems. Representatives of Entrust confirmed to reporters the fact of hacking, but did not provide any details of [...]

Microsoft-Approved UEFI Bootloaders Could Bypass Secure Boot

Eclypsium experts have discovered that a number of third-party UEFI bootloaders can be used to bypass UEFI Secure Boot protection, allowing attackers to execute malicious code before the operating system boots.

Let me remind you that we also said that Zloader Trojan Disables Microsoft Defender on Victims’ Systems.

The researchers remind that Secure Boot is part of the UEFI specification and is designed to protect the OS boot process so that only trusted code signed with a special certificate is executed within it.

Experts write that three Microsoft-approved UEFI bootloaders at once had vulnerabilities that allowed them to bypass Secure Boot and execute unsigned [...]

Commercial Cybersecurity Products Use Others’ Codes without Permission

Patrick Wardle, a well-known macOS security expert, founder of the Objective-See Foundation, at the Black Hat 2022 conference together with his colleague Tom McGuire, an information security researcher from Johns Hopkins University, spoke about the fact that commercial cybersecurity products use other people’s code and algorithms without permission.

Let me remind you that we also reported that LockBit Ransomware Uses Windows Defender to Download Cobalt Strike.

Wardle cited his OverSight tool as an example. This tool, offered for free by the Objective-See Foundation, allows users to control the microphone and webcam on a Mac, alerting them each time the microphone is [...]

1 2 3 4

	8.4
	8.5
	8.3
	7.8
	7.1
	7.8

8.4

8.5

8.3

7.8

7.1

7.8