Posts

Showing posts from March 2018

Rootkit? Malwarebytes is unable to load the anti-rootkit dda driver

Svchost.exe running as username

Microsoft Fixes Bad Patch That Left Windows 7, Server 2008 Open to Attack

Microsoft released an out-of-band security update that corrected a faulty patch that left Windows 7 and Windows Server 2008 open to attack.

You down with P2P? 10 tips to secure your mobile payment app

If you look at the figures, you cannot deny that the eCommerce industry is steadily growing. More and more people are doing their shopping online, not only for products and services geared toward the use of technologies and the Internet, but also for items previously only found in brick and mortar stores—groceries, clothing, and, of course, books. But within the eCommerce market, a submarket is springing to life. Mobile payment, in particular, appears to be making its way to mainstream adoption in certain parts of the globe. So how does it work? And how can we make sure our mobile transactions, just as our other online payments, are secure? Mobile payment methods Mobile payment is a regulated digital transaction that uses mainly smartphone devices to pay for goods and/or services. This kind of undertaking is supported by apps that act as mobile wallets, which are tied to users’ bank accounts. There are many forms of mobile payment in use today. In countries like South Korea, Japan

The state of ransomware reaches new heights and more news on Facebook | Avast

Atlanta suffers massive ransomware attack

It’s Phishing Season | Avast

At this very moment, your inbox is teeming with them. Like an annual migration upriver, phishing emails swim their way into the inboxes of all Americans when tax season rolls around. Every January 1st through April 15th, cybercriminals blitz the public with their most clever deceits. They pose as someone you know or an institution you use, stating in an official-sounding way that “there’s a problem with your account, just click here to clean it up.” That’s their bait. It’s all decoy.

Avast Mobile Security locks down a perfect score | Avast

In January, independent IT-security institute AV-TEST conducted a study of twenty mobile security products for Android. The goal was to test the three main pillars of a strong mobile security solution — malware detection, false positive prevention, and performance impact. Avast Mobile Security was evaluated in the study and aced all categories.

Under Armour Reports Massive Breach of 150 Million MyFitnessPal Accounts

Under Armour is getting kudos for disclosing breach within weeks, but concerns remain over an unknown portion of credentials reportedly stored using the weak SHA-1 hashing function.

TLS 1.3 is nearly here

TLS stands for “Transport Layer Security” and it’s rather important. Why’s that? Oh, I’m glad you asked. Here’s me, yelling my password across the office to you: “PASSWORD!!!” You heard me loud and clear, right? But so did basically anyone else nearby. Now let’s work in a little TLS love and attention, and yell again: “Large pile of nonsense where the password should be!” Wow! What happened? Imagine my endlessly yelled password is available to really clever people, uh, standing outside my window listening in. Imagine someone soundproofed said room to enable continued, secure, password yelling. I can yell “Password!” at you all day long, and all anyone else will hear is garbage. That, in a roundabout “analogy crashing to the ground” sort of way, is TLS. It’s a cryptographic protocol that keeps your communications secure as they make their way from point A to point B. It’s very hard to intercept, listen in, or crack. Here comes TLS 1.3 SSL—Secure Socket Layer—came about in 1995

Win 7 - Defender and MS Sec Ess disabled, MBAM BSOD on rootkit check

Trojan virus detected, Google trouble, BSOD

Remove the Advertisement Offers by GamerSuperstar Adware Extension

Advertisement Offers by GamerSuperstar is an extension with a description of "Advertising by GamerSuperstar". When installed, this extension will inject advertisements into web pages that you visit. These advertisements will be underlined keywords, foreign advertisements, or video ads. This article was published first at Remove the Advertisement Offers by GamerSuperstar Adware Extension

Remove the MessengerPC PUP

MessengerPC is a potentially unwanted program that opens a window that displays the embedded Facebook Messenger site. What it does not tell you, though, is that when the program is executed it unpacks a Node.js application into the %Temp% folder that performs other unauthorized actions such as connecting to remote sites and tracking you via Google Analytics. This article was published first at Remove the MessengerPC PUP

Drupal Issues Highly Critical Patch: Over 1M Sites Vulnerable

Drupal developers are urged to patch a bug that allows attackers to take over a site simply by visiting it.

Remove the Free Malware Removal Tool PUP

Free Malware Removal Tool is a potentially unwanted program that states it can detect malware and protect you using real time protection. While it may be able to scan and protect you from some malware, when testing it only detected one item, which was that Internet Explorer was restricted. When testing Internet Explorer, though, it had absolutely no problem launching. This article was published first at Remove the Free Malware Removal Tool PUP

The data breach epidemic: no info is safe

By now it’s obvious that data security technology and protocols haven’t kept pace with the needs of consumers. Even as more people trust their most sensitive personal information to online apps and services, databases are routinely exposed. In 2017 alone, we learned about massive data breaches from major organizations like Equifax, Uber, and Verizon. In other words: We’re in the midst of a data breach epidemic. How bad is it? To help better understand the leaky state of data, TruthFinder created this infographic based on data from the Identity Theft Center. In 2005, there were 157 publicly-reported data breaches of sensitive information. By 2017, that number increased tenfold to 1,579 data breaches. The severity of breaches is increasing, too. The first breach that leaked over 1 million credit card numbers occurred in 2005, but now we hear about breaches that expose tens or hundreds of millions of records every few months. Check out TruthFinder’s infographic below. It provide

Exploit kits: Winter 2018 review

In the past, we used to have a blog series on exploit kits where we would periodically check in on the main players in the market. In March 2017, we wrote the Winter 2017 review, before exploit kit activity dropped down to a whisper. We’ve since discontinued our blog series, for lack of developments. A year later, however, exploit kits are showing signs of life. An uptick in campaigns and the sharpshooter-like targeting of a single country make exploits once again worth writing about. Overview RIG EK still remains the most common exploit kit used by different actors in a diverse set of malvertising campaigns. We haven’t observed Terror EK since Fall 2017, but another older kit has made a comeback. And even though it remains largely unsophisticated, GrandSoft EK has maintained its activity. While we aren’t seeing Sundown EK anymore, a spin-off named GreenFlash Sundown was the first (and only so far) to leverage a new Flash Player zero-day and distribute ransomware. Magnitude EK i

8 Reasons to Use a VPN | Avast

A lot of people (including us!) will tell you that you need to get a VPN (Virtual Private Network) to ensure your privacy and security when surfing the web. A VPN like Avast SecureLine creates an encrypted connection between you and a VPN server, which prevents others from seeing what you do online and from where you do it.

ISTR 23: Analysis of Cyber Security Threat Trends

ISTR 23 sheds new light on the major information security events of 2017

12 Things to Look for in a Managed PKI Solution, Part 1

This is the first part of a four-part series covering twelve fundamentals for choosing a managed PKI solution, and questions to ask in the buying process. The purpose of this blog is to make you aware that not all Managed PKI providers are the same. In fact, there are some pretty significant differences between DigiCert’s offerings relative to the competition that you wouldn’t see by comparing data sheets. DigiCert’s key advantage is that the Symantec Managed PKI was designed as a service from the ground up, as opposed to the competition, who have built their services from legacy on-premise software. While the data sheets might look similar, over the next few weeks, we will highlight some of the fundamental advantages of Symantec Managed PKI. When it comes to Public Key Infrastructure (PKI), organizations have two deployment options: 1) they can opt for an in-house on-premise solution, or 2) a cloud-based service like Symantec Managed PKI*. There are man

Cisco Patches Two Critical RCE Bugs in IOS XE Software

Cisco releases 22 patches as part of its semiannual Cisco IOS and IOS XE software security advisory.

Possible Mother Board Hack

kmode exception not handled (After recent restore to remove spybot)

AVG Detects Win32:Dropper-gen [Drp] but does not fix it

Bad Microsoft Meltdown Patch Made Some Windows Systems Less Secure

Researcher finds Microsoft’s January Patch Tuesday release included a fix for the Intel Meltdown bug; however, the update opened up a new vulnerability.

An in-depth malware analysis of QuantLoader

This guest post is written by Vishal Thakur, CSIRT/Salesforce. For more on Vishal, read his bio at the end of the blog. QuantLoader is a Trojan downloader that has been available for sale on underground forums for quite some time now. It has been used in campaigns serving a range of malware, including ransomware, Banking Trojans, and RATs. The campaign that we are going to analyze is serving a BackDoor. In this post, we’ll take both a high-level look at the campaign flow, as well as a deep dive into how the malware executes, with a focus on the networking functions. We’ll dig into the binary to analyze how the malware executes and how it connects back to the C2. We’ll also analyze some interesting calls the malware makes, like calling and executing the netsh command to change local firewall rules. The latest version of QuantLoader is being served through a phishing campaign using some interesting techniques. The campaign starts with a phishing email that comes with a link serving th