Tag Archive for: unveils

Bitdefender unveils App Anomaly Detection to detect malicious activity in Android apps

/in


Bitdefender has unveiled App Anomaly Detection, the real-time, behavior-based protection layer available now in Bitdefender Mobile Security for Android, that continuously detects anomalous and malicious behavior in Android applications as it emerges.

The number of malicious and compromised Android applications available for download in popular app stores continues to grow as cybercriminal groups increasingly leverage the malware as a service (MaaS) model.

Bitdefender research identified dozens of Android applications totaling millions of downloads in the Google Play store in the last year alone that turned malicious after users installed them, with some acting as delivery mechanisms for mobile banking trojans that steal users’ login credentials.

Bitdefender App Anomaly Detection is a technology integrated into the Bitdefender Malware Scanner to provide an additional layer of protection by continuously monitoring and detecting any malicious behaviors and alerting the user if suspicious activities are identified.

Designed to help safeguard Android mobile users’ data, financial assets, and identities from fake or malicious applications, App Anomaly Detection protects users from known and unknown (zero-day) attacks that result in financial loss, account takeover, and identity fraud.

Other anti-malware solutions for Android, currently available on the market, use signature-based detection, that cybercriminals could evade by designing their mobile applications to only manifest malicious behaviors when certain conditions are met, or after a period of days or weeks after they are first downloaded.

Bitdefender App Anomaly Detection uses a combination of machine learning models, real-time behavior scanning, reputation systems, and other data points to continuously monitor and detect the moment an application turns from benign to malicious.

In this way, Bitdefender App Anomaly Detection protects users even when they have unknowingly installed a dangerous app that runs dormant for a period of time or a seemingly trusted app that breaks its functionality and turns rogue – all with minimal impact on battery life.

“Cybercriminals exploit users’ inherent trust of popular…

Source…

Famed Hacker Unveils Wild Crack-In-The-Box Password Cracker Fueled By Dozens Of RTX 4090s

/in


A password cracking setup outfitted with multiple graphics cards.

Kevin Mitnick, a former black hat hooligan-turned-good-guy who spent several years in prison in the 1990s for various computer-related tomfoolery, is showing off a beastly setup outfitted with 30 high-end GeForce graphics cards. We know what you’re wondering—can it run Crysis? It certainly has enough firepower to push pixels around like a schoolyard bully on steroids. But what his setup is really designed to do is to crack passwords with the same speed and ease it would take Hercules to crack a walnut.

Anyone who is not familiar with Mitnick can look him up on Google or visit the Wikipedia entry on him for a quick history lesson. His hacking days started in his pre-teen years and it only gets more interesting from there. The US Department of Justice and Federal Bureau of Investigation are certainly familiar with the man who is widely considered to be the world’s most famous hacker—he eluded both agencies for years…up until he didn’t.

A successful “Free Kevin” movement helped Mitnick earn an early release after spending more than five years behind bars. These days he spends his time as a highly sought-after security consultant. He’s also the chief executive officer at Mitnick Security Consulting, and chief hacking officer at KnowBe4, among other roles on his ever-expanding resume.

Kevin Mitnick tweet showing off his password cracking setup.

In posts shared to both Facebook and Twitter, Mitnick uploaded photos of a “badass password cracker” that the team at KnowBe4 helped him set up and configure. The beastly configuration is outfitted with two dozen of NVIDIA’s flagship consumer graphics cards, the GeForce RTX 4090 based on the Ada Lovelace GPU architecture, as well as six GeForce RTX 2080 cards based on Turing.

“This is what companies come up against when we are hired for Red Team engagements. Our team now has a new large group of GPUs to crack passwords much, much faster,” Mitnick explains.

In security parlance, a Red Team engagement is essentially a simulated cyberattack. You can think of it as an intense security audit. Exposing vulnerabilities is inevitably part of the process, but that’s not the main goal. These simulated attacks test a company’s ability to detect and respond to security threats.

This process is of course…

Source…

Security Firm Unveils SSD With Built-In Ransomware Protection To Safeguard Data

/in


Cigent Technology is a data security company whose main product is the Data Defense software-as-a-service security suite. The company’s about to introduce a new line of SSDs, though, and one of those is pretty interesting: the Cigent Secure SSD+, with automated anti-ransomware technology that claims to be able to protect sensitive data from sneaky malware before it gets encrypted.

How does this work exactly? Well, Cigent says that there’s a microcontroller on the SSD that monitors all traffic going through the controller. It apparently uses machine learning (or “AI”) in some fashion to tell what traffic is normal everyday I/O and what is ransomware. Once it detects ransomware activity, the drive will lock and require multi-factor authentication to access files.

This brings up all kinds of questions, but thankfully, we have answers to a few of them. First of all, this scanning process supposedly has no impact on the performance of the drive because the microcontroller is connected to the SSD controller, and not in the main data path. Also, the technology isn’t infalliable—Cigent admits on the datasheet that it’s possible some data could be modified before the drive locks it.

That’s to say nothing of the still-unreliable nature of most machine learning technologies. In the worst case, having your drive locked until you unlock it isn’t that bad, but it could certainly be a huge problem if there are a lot of false positives. Likewise if the solution doesn’t actually work when it needs to. The Secure SSD+ datasheet says that it has “mature ML algorithms” that “provide protection against newest ransomware,” and also that detection sensitivity can be dynamically tuned, so that’s good, at least.

Still, Cigent says that it’s a much better solution than typical Endpoint Detection and Response (EDR) products because those offerings typically rely on responding after the attack has already occurred, not as it happens. In a statement to The Register, Cigent’s CRO says that the SSD puts attack prevention “as close to the data…

Source…

Malwarebytes unveils WorldBytes to help users reveal the hidden cyber threats around them

/in


Malwarebytes launched WorldBytes, a next-generation mobile security application that takes the malware scanning technologies that customers know and love and applies them to the first frontier of human evolution: real life interactions.

Malwarebytes WorldBytes

Powered by Malwarebytes and AI technology, WorldBytes empowers users to use their mobile devices to scan the world around them and get real-time threat assessments of anything and everything – including questionable Tinder dates, the unlabeled sauce at the back of their fridge and their neighborhood cat. The responses, powered by ChatGPT, humorously explain the potential cyber risks lurking within.

“We’re proud of our powerful malware scanning engine and the peace of mind it gives users by stopping threats on their devices,” said Mark Beare, GM of Consumer, Malwarebytes. “We took that same idea and brought it to the physical world with WorldBytes. Users can reveal the hidden cyber threats around them in a humorous way, helping to make cybersecurity accessible and relevant for all.”

Malwarebytes believes that cybersecurity can be effective, yet simple and intuitive for users. A recently launched campaign, “Protection You Can Trust,” leverages humor again to make cybersecurity engaging and accessible for all.

The campaign’s first two films poke fun at some of the internet’s most notorious troublemakers and illustrate how — with just a few clicks in Malwarebytes — you can scan, clean and protect your device, shutting down cyber threats and scams.

Source…