Tag Archive for: double

Double Agent attack can turn antivirus into malware

A zero-day attack called Double Agent can take over antivirus software on Windows machines and turn it into malware that encrypts files for ransom, exfiltrates data or formats the hard drives.

Based on a 15-year-old feature in Windows from XP through Windows 10, the attack is effective against all 14 antivirus products tested by security vendor Cybellum – and would also be effective against pretty much every other process running on the machines.

Double Agent was discovered by Cybellum researchers and has not been seen in the wild.

“The attack was reported to all the major vendors which approved the vulnerability and are currently working on finding a solution and releasing a patch,” according to a Cybellum blog. All the vendors were notified more than 90 days ago, which is the standard length of time for responsibly disclosing vulnerabilities and giving vendors time to fix them.


Network World Tim Greene

McCain, Schumer double down on Russia probe – Politico


Four influential Democratic and GOP senators on Sunday amplified their call for a special investigation into foreign cyberwarfare, defying Majority Leader Mitch McConnell, who has already ruled out a select panel to probe Russian interference in the U

Petya ransomware is now double the trouble

The Petya ransomware now bundles a second file-encrypting program for cases where it cannot replace a computer’s master boot record to encrypt its file table.

Petya is an unusual ransomware threat that first popped up on security researchers’ radar in March. Instead of encrypting a user’s files directly, it encrypts the master file table (MFT) used by NTFS disk partitions to hold information about file names, sizes and location on the physical disk.

Before encrypting the MFT, Petya replaces the computer’s master boot record (MBR), which contains code that initiates the operating system’s bootloader. Petya replaces it with its own malicious code that displays the ransom note and leaves computers unable to boot.


Network World Security

0-day exploits more than double as attackers prevail in security arms race

The number of zero days showed their sharpest rise ever in 2015, reaching a record 54. (credit: Symantec)

The number of attacks that exploited previously unknown software vulnerabilities more than doubled in 2015 as hackers raced against security defenders to find effective ways to infect end users with malware, according to a recently released report.

The number of “zero-day” exploits—a term that was coined because affected software developers have zero days to release a patch that keeps users protected—reached an unprecedented 54, according to researchers at security firm Symantec. That number compared with 24 in 2014, 23 in 2013, and 14 in 2012. The increase was partly caused by the breach of Italy-based zero day broker Hacking Team, which spilled six closely guarded zero days into the public domain. It also came as Adobe and other developers significantly reduced the time it took to release patches that plugged zero-day holes.

“It is difficult to defend against new and unknown vulnerabilities, particularly zero-day vulnerabilities for which there may be no patch, and attackers are trying hard to exploit them faster than vendors can roll out patches,” Symantec researchers wrote in the company’s annual Internet Security Threat Report. The report went on to say that the Angler exploit kit, a package sold in Internet crime forums, was able to quickly integrate the growing number of zero days into its arsenal.


Technology Lab – Ars Technica