ESET antivirus opens Macs to remote code execution

Like any other software, security software is sure to have some vulnerabilities that can be exploited by attackers. The latest in a long list of examples that prove this fact is the recently revealed remote code execution flaw affecting all but the latest version of ESET Endpoint Antivirus 6 for macOS. Discovered and reported by Jason Geffner and Jan Bee of the Google Security Team, the vulnerability (CVE-2016-9892) is present because the esets_daemon service is …

Malware hidden in digitally signed executables can bypass AV protection

Researchers have shown that it’s possible to hide malicious code in digitally signed executables without invalidating the certificate, and execute this code – all without triggering AV solutions. Tom Nipravsky, from Tel Aviv-based Deep Instinct, presented the results of their research at Black Hat USA 2016, but didn’t release PoC code as it would be too dangerous.

Injecting malware into digitally signed executables

To perform a successful attack, Deep Instinct researchers had to create two …

Flawed code hooking engines open endpoints to compromise

Six common security issues stemming from the incorrect implementation of code hooking and injection techniques have been unearthed by enSilo researchers in over 15 different products, including anti-virus (AV) and anti-exploitation solutions, data loss prevention (DLP) software and host-based intrusion-prevention systems (HIPS). The fact that some of these issues also affect three different hooking engines, including the most popular one (Microsoft Detours), means that thousands of products are likely affected – and not just security …

Researchers create effective anti-ransomware solution

Are you willing to sacrifice a dozen or so of your files in order to save the rest from the grasping hands of modern crypto-ransomware? I believe that the answer from most victims would be a resounding “Yes!”, and this is just what CryptoDrop does. The anti-ransomware solution, which apparently works seamlessly with anti-virus software, was created by a group of researchers from the University of Florida and Villanova University: It works as an early-warning …

Symantec, Norton AV products are riddled with serious flaws

Google security researcher Tavis Ormandy has unearthed a slew of critical vulnerabilities, including many remote code execution flaws, in Symantec and Norton enterprise and consumer AV products. The flaws affect the core engine deployed in the products and are, according to Ormandy, “as bad as it gets.” “They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code …

Can Windows Defender Really be an Enterprise Security Solution?

Microsoft’s IT department is the ultimate testing scenario when it comes to rolling out operating system upgrades, security solutions and management software for all of their company-wide computer systems. Their most recent white paper is all about …