The correct definitions of most of the things in the computer world are known, and it is pretty hard to find one that can still be discussable. However, there is one argument that lasts for about a decade – what is the difference between virus and malware?

Huh, to answer this question, we need to have a look at the history of malware and computer viruses. Even the historical timings bring a lot of disagreements. That’s why history is not the only thing that will be looked at – modern facts bring a lot of clarity at this point. Without further interruption – let’s go.

What is so controversial in malware vs virus?

Due to the continuing global shortage of chips, Canon is in a rather curious situation and is sending out instructions to customers on how to bypass the protection of their own cartridges.

It is difficult for a company to obtain the necessary components for their ink cartridges that validate their legitimacy for their printers.

Therefore, Canon printers often do not recognize genuine cartridges and consider them to be counterfeit, and the company has to explain to customers how they can bypass its own security system.

Semiconductor shortage leads to Canon selling toner cartridges without chips which usually identify them as genuine, so Canon now instructs customers on how [...]

The media reports that Microsoft Defender for Log4j problems is showing false warnings about some kind of “sensor hack” associated with the recently deployed Microsoft 365 Defender scanner for Log4j processes.

According to Bleeping Computer, such warnings mostly appear on Windows Server 2016 systems and says: “Microsoft Defender for Endpoint has detected possible sensor tampering with memory.” These warnings apply to the OpenHandleCollector.exe process.

Microsoft representatives have already told outraged administrators that there is really nothing to worry about, as these are false positives. It is known that at the present time the [...]

Microsoft has launched a special portal through which users and information security researchers can report malicious and suspicious drivers.

The new Vulnerable and Malicious Driver Reporting Center is essentially a web form that allows users to download a copy of a suspicious driver, which will then be analysed by Microsoft’s automated scanner.

The fact is that in recent years, malicious drivers are increasingly used by major APTs and other cybercriminals. Most often, cybercriminals abuse vulnerabilities in old and unpatched drivers, or even deliberately downgrade and install older drivers into the system (for example, to gain administrator rights on a compromised [...]

Microsoft confirmed the existence of a new bug affecting Windows Serve-based devices due to which Microsoft Defender for Endpoint doesn’t start. The problem prevents the launch of a security solution from Kaspersky.

Endpoint Security Platform (formerly known as Microsoft Defender Advanced Threat Protection or Defender ATP) may not launch on devices with Windows Server Core installed. The issue is known to only affect devices with KB5007206 on Windows Server 2019 and KB5007205 on Windows Server 2022.

“After installing KB5007205 (or later updates), Microsoft Defender for Endpoint may not start on devices with Windows Server Core installed.”reported in company.

It is [...]

Microsoft cybersecurity specialist shared some interesting statistics: most cybercriminals prefer to brute-force passwords no longer than 7 characters, and only a small percentage of attacks target long passwords containing special characters.

The researcher collected statistics for this analysis from numerous honeypot servers, which he manages on duty, studying the trends among attackers:

I analyzed the credentials used in over 25,000,000 brute-force attacks on SSH. In 77% of cases, brute force was directed to passwords from 1 to 7 characters. A password longer than 10 characters was encountered only in 6% of cases.Ross Bevington, a Microsoft expert, told the company.

The [...]

Kaspersky Lab reported that its legitimate Amazon Simple Email Service (SES) token, previously issued to a third-party contractor, was used by cybercriminals as part of a phishing campaign aimed at Office 365 users.

Amazon SES is a scalable email service that allows developers to send emails from any application, including marketing and bulk mailing.

Experts associate these phishing attacks with several criminal groups that used two cornerstones of phishing for the attacks: Iamtheboss and MIRCBOOT.

This token was issued to a third party contractor during testing of the 2050.earth site. The site is also hosted on the Amazon infrastructure. After phishing attacks were [...]

Avast introduced free decryptors to recover files previously encrypted by AtomSilo, Babuk and LockFile malware.

It is suggested to use the same decoder for AtomSilo and LockFile. The researchers explain that these ransomware strains are very similar to each other, so it was possible to create a single tool for them.

The company emphasizes that the decoder may not be able to cope with files with unknown and proprietary formats or without extensions at all.

It is reported that specialists managed to crack the malware using information received from the researcher RE-CERT. In the middle of this month, he wrote on Twitter that he found a way to hack AtomSilo and [...]

Information security specialists Gemini Advisory (a division of Recorded Future) discovered that the well-known hacker group FIN7 created a fake information security company Bastion Secure in order to find and hire researchers “for work”. As a result, the talents of the specialists recruited in this way were used to carry out ransomware attacks.

Bastion Secure’s website claims that the firm provides penetration testing services to private companies and public sector organizations around the world. However, experts write that FIN7 uses Bastion Secure as a screen for finding and hiring information security specialists for various positions.

Relevant job [...]

The researchers, with the support of information security companies, managed to teach a special algorithm to guess 4-digit PIN-codes from bank cards when a victim works with an ATM. The attack works in 41% of cases, even if the person covers the keyboard with his hand while typing.

Bleeping Computer says that to fine-tune the algorithm, reseacyers will need a copy of the keyboard of the target ATM, since it is necessary to take into account the specific dimensions and spacing of the keys. On such a layout, using machine learning and a video of people entering PIN codes, the algorithm learns to recognize different keystrokes and assign certain probabilities to different sets of [...]