Several antivirus products are affected by a design flaw that allows malware or a local attacker to abuse the "restore from quarantine" feature to send previously detected malware to sensitive areas of the user's operating system, helping the malware gain boot persistence with elevated privileges.
Google's new Play Protect security system did not survive its first real-world tests, and the system was ranked dead last in an experiment carried out by German antivirus testing lab AV-Test.
Security researchers from CyberArk have discovered a new technique that allows malware to bypass Windows Defender, the standard security software that comes included with all Windows operating systems.
Google removed — and then reinstated — one of the most popular mobile antivirus apps on the Play Store after security firm Check Point discovered that the app was secretly collecting device data from users' smartphones.
Avast, today's largest vendor of security software, has acquired Piriform, a UK-based company that is behind many successful desktop and mobile apps, such as CCleaner, Recuva, Speccy, and Defraggler.
Ruslans Bondars and Jurijs Martisevs, two Latvian citizens, are facing charges in the US for running a portal that allowed cybercrooks to scan and see if their malware was detected by antivirus software.
Russian lawmakers are drafting a bill that would prohibit the use of Western antivirus products inside the country. If approved, the law will come into effect by mid-2019.
Europol announced today that police across Europe arrested six users who were customers of a malware crypter service and a counter anti-virus platform developed by a 22-year-old German man.
In an article published yesterday, ABC News cited congressional sources who claimed the Senate Intelligence Committee had started an investigation into Kaspersky Lab's relationship with the Russian government.
The Webroot antivirus went berserk late yesterday afternoon, as it flagged core Windows system files as malicious and even started moving some of the affected files into quarantine, trashing customer computers.
A new technique named DoubleAgent, discovered by security researchers from Cybellum, allows an attacker to hijack security products and make them take malicious actions.
One of the hidden gems included in the Vault 7 data, dumped yesterday by WikiLeaks, is a document detailing bypass techniques for 21 security software products.
Mac users utilizing ESET's endpoint antivirus are advised to update to version 22.214.171.124 as soon as possible in order to mitigate a serious issue that allows attackers to execute arbitrary code on their machines.
A variant of the Cerber ransomware spotted in the wild in the past month contains a function that searches for locally-installed security products and avoids encrypting their files, so firewalls, antivirus or antispyware products can continue working even after Cerber has locked the computer.
"Antivirus software vendors are terrible; don't buy antivirus software, and uninstall it if you already have it (except for Microsoft's)." This is how Robert "Roc" O'Callahan, a former Mozilla bigwig engineer started a blog post today, in which he details a long list of issues that antivirus software have caused to browser vendors.
Tavis Ormandy, one of Google Project Zero's most proficient security researchers, has identified two issues in the way Kaspersky security products inspect HTTPS traffic for web threats.
You'd expect that by now, users would be aware that downloading "cracks" for any kind of software comes with inherent dangers, such as adware, infostealers, backdoors, and even ransomware. Sadly, this isn't the case, and a fairly decent number of users still get infected with all sorts of nasties this way.
The "No More Ransom" project, set up in July by Intel Security, Kaspersky Lab, Europol, and the Dutch National police to help victims of ransomware infections, has expanded today with 34 new partners, and 32 new decryptors that can help ransomware victims unlock their files for free.