A new technique named DoubleAgent, discovered by security researchers from Cybellum, allows an attacker to hijack security products and make them take malicious actions.
One of the hidden gems included in the Vault 7 data, dumped yesterday by WikiLeaks, is a document detailing bypass techniques for 21 security software products.
Mac users utilizing ESET's endpoint antivirus are advised to update to version 22.214.171.124 as soon as possible in order to mitigate a serious issue that allows attackers to execute arbitrary code on their machines.
A variant of the Cerber ransomware spotted in the wild in the past month contains a function that searches for locally-installed security products and avoids encrypting their files, so firewalls, antivirus or antispyware products can continue working even after Cerber has locked the computer.
"Antivirus software vendors are terrible; don't buy antivirus software, and uninstall it if you already have it (except for Microsoft's)." This is how Robert "Roc" O'Callahan, a former Mozilla bigwig engineer started a blog post today, in which he details a long list of issues that antivirus software have caused to browser vendors.
Tavis Ormandy, one of Google Project Zero's most proficient security researchers, has identified two issues in the way Kaspersky security products inspect HTTPS traffic for web threats.
You'd expect that by now, users should be aware that downloading "cracks" for any kind of software would come with inherent dangers, such as adware, infostealers, backdoors, and even ransomware. Sadly, this isn't the case and a fairly decent amount of users are still get infected with all sort of nasties this way.
The "No More Ransom" project, set up in July by Intel Security, Kaspersky Lab, Europol, and the Dutch National police to help victims of ransomware infections, has expanded today with 34 new partners, and 32 new decryptors that can help ransomware victims unlock their files for free.
A report released today on the software products with the most security flaws in the past three months reveals that almost a quarter of all entries on the monthly Top 20 list were various types of security products.
One Android banking trojan has borrowed a trick from its desktop counterparts, and besides stealing login credentials from banking apps, this threat also sabotages mobile antivirus applications and prevents them from launching.
Panda Security must pay financial damages to a customer that suffered a malware infection which the company's antivirus failed to pick-up, despite running an up-to-date signature database.