protect computer Archives – The Best Antivirus Software for 2022

Posts Tagged ‘protect computer’

Sort

CrowdStrike Introduces Charlotte AI, the World’s First Cyber Security AI Analyst

Security company CrowdStrike announced Charlotte AI, a generative AI analyst that uses the best and most comprehensive cyber threat data and continuously improves through feedback from industry-leading attack detection and response experts.

CrowdStrike trained the model on information about recent security events the company has experienced, information about threats from hacker groups and ongoing attacks, and telemetry for users, devices, and cloud workloads.

Let me remind you that we also wrote that OpenAI Introduced a Tool for Detecting Text Generated by Artificial Intelligence, and also that New White Phoenix Tool Helps Recover Files Partially Encrypted by [...]

Offensive Security Releases Kali Purple for Security Specialists

Offensive Security has released Kali Linux 2023.1, the first version of 2023 (also dedicated to the tenth anniversary of the project) with the new Kali Purple distribution, which is designed for the blue and purple teams, that is, focused on defensive security.

Let me remind you that we also wrote that Researchers Created a TickTock Device to Detect Wiretapping, and also that OpenAI Introduced a Tool for Detecting Text Generated by Artificial Intelligence.

Also the media wrote that Linus Torvalds Uses Linux on an Apple MacBook Air with an M2 Processor.

In this release of Kali Linux, developers have introduced many new features, including:

mentioned Kali Purple for [...]

The Researcher Managed to Turn Antiviruses and EDR into Wipers

A specialist from SafeBreach has figured out how to turn the popular EDR (endpoint detection and response) and Microsoft, SentinelOne, TrendMicro, Avast and AVG antiviruses into wipers. To do this, the expert used the data deletion functionality built into security products.

Or Yair of SafeBreach writes that attackers can exploit the security solutions already in the target system for their destructive attacks.

Let me remind you that we also said about Critical Bug in VMware Products, and also that PoC Exploit for Critical Vulnerability in Fortinet Products Appeared.

Or Yair

This will make attacks stealthier, and hackers won’t have [...]

Let’s Encrypt issued over 3 billion certificates, protecting 309 million websites for free

The non-profit organization Internet Security Research Group (ISRG), behind Let’s Encrypt, revealed the statistics and said that this year the public certificate authority issued three billion certificates.

As a reminder, Let’s Encrypt has been providing sites with the X.509 digital certificates required to enable HTTPS (SSL/TLS) and encrypted communication for free since September 2015, when the first certificate for the helloworld.letsencrypt.org domain was issued.

Since August 2018, Let’s Encrypt has been trusted by all major browsers and operating systems, as well as by all major root certificate authorities (including those from Microsoft, Google, Apple, [...]

Microsoft Defender Mistakenly Saw a Threat in Chrome and Electron Apps

Due to a bug in an update, Microsoft Defender incorrectly identified Google Chrome, Microsoft Edge, Discord, Spotify, and other Electron apps as a Win32/Hive.ZY threat every time they ran on Windows.

Let me remind you that we also said that Microsoft Defender Scanner for Log4j Problems finds non-existent bugs, and also that LockBit Ransomware Uses Windows Defender to Download Cobalt Strike.

The problem of false positives manifested itself last weekend, after the release of signature update 1.373.1508.0. This update includes two new threats, including the already mentioned Win32/Hive.ZY. Microsoft writes that this is a universal identifier for suspicious behavior, which will [...]

Some Versions of VMware Carbon Black Cause BSODs on Windows

Servers and workstations running Windows began to fail in dozens of organizations around the world – it turned out to be a bug provoked by some versions of the Carbon Black security product from VMware.

Carbon Black, acquired by the company in 2019, is a suite of cloud-based endpoint security tools “aimed at strengthening corporate cybersecurity.”

Let me remind you that we also wrote that Much of the Cybersecurity Budget Is Wasted.

The root of the problem affecting many companies lies in the rule set deployed on August 23, 2022 for Carbon Black Cloud Sensor versions 3.6.0.1979 – 3.8.0.398. This update causes devices to crash and cause a Blue [...]

Microsoft-Approved UEFI Bootloaders Could Bypass Secure Boot

Eclypsium experts have discovered that a number of third-party UEFI bootloaders can be used to bypass UEFI Secure Boot protection, allowing attackers to execute malicious code before the operating system boots.

Let me remind you that we also said that Zloader Trojan Disables Microsoft Defender on Victims’ Systems.

The researchers remind that Secure Boot is part of the UEFI specification and is designed to protect the OS boot process so that only trusted code signed with a special certificate is executed within it.

Experts write that three Microsoft-approved UEFI bootloaders at once had vulnerabilities that allowed them to bypass Secure Boot and execute unsigned [...]

Commercial Cybersecurity Products Use Others’ Codes without Permission

Patrick Wardle, a well-known macOS security expert, founder of the Objective-See Foundation, at the Black Hat 2022 conference together with his colleague Tom McGuire, an information security researcher from Johns Hopkins University, spoke about the fact that commercial cybersecurity products use other people’s code and algorithms without permission.

Let me remind you that we also reported that LockBit Ransomware Uses Windows Defender to Download Cobalt Strike.

Wardle cited his OverSight tool as an example. This tool, offered for free by the Objective-See Foundation, allows users to control the microphone and webcam on a Mac, alerting them each time the microphone is [...]

Much of the Cybersecurity Budget Is Wasted

According to a recent study, 73.48% of organizations believe that the majority of their cybersecurity budget is wasted due to a failure to mitigate threats despite the abundance of security tools at their disposal.

Let me remind you that we also wrote about such a trend as: Companies significantly improved cyberthreat detection time.

A survey conducted by Gurucul among 180 participants at the RSA 2022 conference was about their opinion on the effectiveness of security operations in their organizations.

Only 25% of organizations believe that their main threat comes from within the business.

And this despite the growth of internal threats by 47% over the past two [...]

MITER Security Advisory Exposed Data on Vulnerable Systems

The security advisories that MITER specialists publish for various CVEs contained links to remote administration consoles for a number of affected devices. Users accidentally noticed an error that has existed since April.

Journalists from Bleeping Computer report that a reader reported the problem to them, who was very surprised to find several references to vulnerable systems listed in the “references” section in the CVE bulletin.

Typically, this section provides links to primary sources (report, blog post, PoC demo) that explain the vulnerability. Sometimes security bulletins do include links confirming the existence of a vulnerability, but usually they lead to [...]

1 2

	8.4
	8.5
	8.3
	7.8
	7.1
	7.8

8.4

8.5

8.3

7.8

7.1

7.8