Malwarebytes, an antivirus company, caused real chaos in the systems of its Windows users a few days ago: the fact is that the program mistakenly identified any Google domains (including Google search and YouTube) as malicious and blocked access to them.

Let me remind you that we also reported that Microsoft Defender Mistakenly Saw a Threat in Chrome and Electron Apps, and also that Experts Found Long-Standing Bugs in Avast and AVG Antiviruses.

Last Wednesday, social networks received an avalanche of complaints from users of Malwarebytes antivirus who could not log into Google sites, YouTube, or use services such as G Suite, Gmail or the Google Play Store. At the same time, [...]

Cysource experts discovered an RCE vulnerability that allowed “remotely executing commands on the VirusTotal platform and accessing various scanning capabilities.”

The researchers say that the bug was discovered a year ago, in April 2021, but Google, which owns VirusTotal, only recently gave permission to publish information about the vulnerability.

After a deep security research by Cysource research team led by Shai Alfasi & Marlon Fabiano da Silva, we found a way to execute commands remotely within VirusTotal platform and gain access to its various scans capabilities.Cysource experts told.

Marlon Fabiano da Silva

Let me remind [...]

NCC Group experts reported on the SharkBot malware, which was found in the Google Play Store and which disguises itself as an antivirus, actually stealing money from users who installed the application.

SharkBot, like its counterparts TeaBot, FluBot, and Oscorp (UBEL), belongs to the category of banking Trojans capable of stealing credentials from hacked devices and bypassing multi-factor authentication mechanisms. Malware first appeared on the scene in November 2021.

A distinctive feature of SharkBot is its ability to perform unauthorized transactions through automatic transfer systems (ATS), that distinguishes it from, for example, TeaBot, which requires a live operator to [...]

Google has launched a new security feature, Virtual Machine Threat Detection (VMTD), designed for Google Cloud customers. This feature is used to detect and block cryptocurrency miners that can mine virtual money without users knowing.

According to last year’s statistics, miners account for more than 86% of all cloud node compromises.

VMTD works without the use of software agents and constantly scans the memory of virtual machines deployed in Google Cloud for signs of increased CPU or GPU load, that is, the characteristic signs of miners.

As part of the product roadmap, the Security Command Center Team sought to build better protection for its Virtual Machine users. [...]

Antivirus company ESET has released patches and fixed a serious local privilege escalation vulnerability that affected all clients of its Windows products.

The vulnerability, identified as CVE-2021-37852 and discovered by experts from the Zero Day Initiative (ZDI), is rated as high-risk because it allows an attacker to abuse the AMSI scanning function.

This vulnerability allows local attackers to escalate privileges on affected installations of ESET Endpoint Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the use of named pipes. The issue results from [...]

Due to the continuing global shortage of chips, Canon is in a rather curious situation and is sending out instructions to customers on how to bypass the protection of their own cartridges.

It is difficult for a company to obtain the necessary components for their ink cartridges that validate their legitimacy for their printers.

Therefore, Canon printers often do not recognize genuine cartridges and consider them to be counterfeit, and the company has to explain to customers how they can bypass its own security system.

Semiconductor shortage leads to Canon selling toner cartridges without chips which usually identify them as genuine, so Canon now instructs customers on how [...]

Avast analysts have calculated that thousands of Android applications are leaking a variety of data due to misconfigured Firebase database.

Researchers remind that thanks to Firebase, data can be stored in a huge number of different applications – for training, games, mail, food delivery and others, and in regions around the world, including Europe, Eastern Europe, the Middle East, Southeast Asia and Latin America.

As a result, databases can contain personal information collected by these applications, such as names, addresses, locations, and in some cases even passwords.

Many developers use the Firebase platform to build Android apps. In doing so, they [...]

Analysts at AV-TEST conducted traditional testing of security products for Android, and came to the disappointing conclusion: Android’s built-in Google Play Protect anti-malware system is failing. The AV-TEST tests were conducted over six months, from January to June 2021.

The fact is that Google Play Protect only detected about two-thirds of the 20,000 malicious applications that it encountered during the tests, and as a result, Google’s security solution took the last place in the ranking of researchers.

Even running permanently and scanning every application installed and running on the device, “this service does not provide good security: any [...]

Security researchers have found that thousands of extensions for Google Chrome from the official Chrome Web Store change security headers on popular sites, thereby putting users at risk.

The experts explain that security headers are an important part of the internet today. Technically, they are HTTP responses sent by the server to a client application, such as a browser.

Every time a user accesses the site, the browser makes a request to the server, from which the site is then loaded. While the sites themselves are rendered using HTML, JavaScript, and CSS, administrators can add additional settings to the HTTP connection headers so that the user’s browser handles the [...]

According to Google, hackers linked to the Chinese government are using legitimate McAfee security solutions to distribute malware.

This appears to be the same hacker group that earlier this year tried unsuccessfully to attack the campaign headquarters of former US Vice President Joe Biden.

However, according to the head of Google Threat Analysis Group Shane Huntley, there is no evidence that phishing attacks have been successful.

“From the beginning of the campaign, we knew that we would become the target for such attacks, and properly prepared,” – said in the Biden’s headquarter.

The APT31 group sends its victims emails with a link leading to GitHub, from [...]