The Wild West of drive-by cryptocurrency mining
As more and more Coinhive clones continue popping up, chances of users’ CPU power being hijacked for cryptocurrency mining are rising. According to Malwarebytes’ …
antivirus
Weaponizing machine learning to improve cyber defenses
As defensive technologies based on machine learning become increasingly numerous, so will offensive ones – whether wielded by attackers or pentesters. The idea is the …
Google researcher uncovers another RCE in Microsoft Malware Protection Engine
Google Project Zero researcher Tavis Ormandy has unearthed yet another critical remote code execution vulnerability affecting the Microsoft Malware Protection Engine, which …
8 RCE, DoS holes in Microsoft Malware Protection Engine plugged
After the discovery and the fixing of a “crazy bad” remote code execution flaw in the Microsoft Malware Protection Engine earlier this month, now comes another …
Microsoft plugs crazy bad bug with emergency patch
On Monday night, Microsoft released a critical out-of-band security update for the Microsoft Malware Protection Engine, to plug an easily exploitable bug that could allow …
DoubleAgent attack uses built-in Windows tool to hijack applications
Security researchers from computer and network security outfit Cybellum have revealed a new zero-day code injection and persistence technique that can be used by attackers to …
ESET antivirus opens Macs to remote code execution
Like any other software, security software is sure to have some vulnerabilities that can be exploited by attackers. The latest in a long list of examples that prove this fact …
Malware hidden in digitally signed executables can bypass AV protection
Researchers have shown that it’s possible to hide malicious code in digitally signed executables without invalidating the certificate, and execute this code – all …
Flawed code hooking engines open endpoints to compromise
Six common security issues stemming from the incorrect implementation of code hooking and injection techniques have been unearthed by EnSilo researchers in over 15 different …
Researchers create effective anti-ransomware solution
Are you willing to sacrifice a dozen or so of your files in order to save the rest from the grasping hands of modern crypto-ransomware? I believe that the answer from most …
Symantec, Norton AV products are riddled with serious flaws
Google security researcher Tavis Ormandy has unearthed a slew of critical vulnerabilities, including many remote code execution flaws, in Symantec and Norton enterprise and …
Bug in Symantec’s anti-virus engine can lead to system compromise
Google Project Zero researcher Tavis Ormandy has unearthed a critical remote code execution vulnerability in the anti-virus engine powering Symantec’s endpoint security …