Tag Archive for: SOFTWARE

10 Best Antivirus Software (April 2024) – Forbes Advisor

/in


There are many antivirus programs available, and it can be difficult to choose the best one. The most important thing to consider is what type of protection you need. Some programs are better at detecting viruses, while others are better at preventing malware attacks. You should also consider how frequently the software updates, the compatibility with each of your devices and customer support.

Reliable Threat Protection

When it comes to choosing antivirus software, the most important thing to consider is the level of protection it provides against threats. The best antivirus software uses a variety of methods to protect your computer, including signature-based detection, heuristic-based detection, behavior monitoring, sandboxing and artificial intelligence.

Some threats, such as ransomware, are difficult to detect and require a multilayered approach to security. Others, such as viruses, are easier to detect but can still do a lot of damage if they’re not removed quickly. To assess how reliable antivirus software is, you should look at independent lab results and user reviews in addition to ensuring it takes a multilayered approach to threat prevention, detection and removal.

Frequent Updates

The best antivirus software is constantly updated to stay ahead of the latest threats. This is important because new threats are created all the time and old threats are constantly evolving. To ensure your computer is protected, you should look for an antivirus program that updates its database of known viruses regularly.

Your software should also update its virus definitions at least once a day, but more frequently is better. Some programs allow you to set the frequency of updates, while others update automatically. Most sales pages will tell you how frequently the software updates. If it doesn’t, ask before you purchase.

Cost

Users should expect to pay around $30 to $40 for a year’s subscription to an antivirus program that provides reliable threat protection, frequent updates and good customer support. This price may vary depending on the features offered by the program. For example, a business usually pays more for priority support than a home user.

The main…

Source…

Rise of Zero-Day Vulnerabilities: Enterprise Software Now a Prime Target for Hackers With 64% YoY Surge

/in


In the fast-paced world of cybersecurity, “zero-day” vulnerabilities loom as a formidable challenge for tech giants investing billions in enhancing user experiences. These vulnerabilities are mostly software flaws that developers fail to detect, leaving no immediate patches or fixes available to protect against potential exploitation. According to a recent report, “Google’s Threat Analysis Group,” the year 2023 witnessed a significant rise in the exploitation of zero-day vulnerabilities.

To be precise, the exploitation of zero-day vulnerabilities increased a notable 56.5% YoY, from 62 in 2022 to 97 in 2023. However, this number fell short of the record set in 2021, when 106 zero-day vulnerabilities were observed being exploited.

The surge in vulnerability exploitation suggests that hackers are becoming more aggressive and adept at discovering and using vulnerabilities to launch cyberattacks.

As these vulnerabilities are exploited, Commercial Surveillance Vendors (CSVs) emerge as key players in the cyber threat ecosystem. In 2023, CSVs were responsible for 75% of known zero-day exploits targeting Google products and Android ecosystem devices, comprising 13 out of 17 vulnerabilities. These CSVs specialize in selling spyware capabilities to government clients for surveillance activities.

Out of the 37 zero-day vulnerabilities exploited in browsers and mobile devices in 2023, more than 60% were attributed to Commercial Surveillance Vendors (CSVs).

Attackers have also increased their efforts to exploit vulnerabilities within third-party components and libraries. This strategy was chosen because exploiting these vulnerabilities could potentially impact multiple products simultaneously.

Threat actors across various motivations actively sought out vulnerabilities in products or components that offered broad access to multiple targets, reflecting a scalable and effective approach to launching attacks.

It is important to note that there was a whopping 64% YoY increase in the number of vulnerabilities targeted by hackers in enterprise-specific technologies during 2023. This trend was further evidenced by the widening range of enterprise vendors targeted since at least 2019,…

Source…

Bitdefender Fixes Major Security Vulnerability: Patch Your Software Now

/in


Bitdefender has released a patch for a major security flaw in its products that could expose users’ devices to third-party access.

Under the Common Vulnerability Scoring System (CVSS), this threat — CVE-2023-6154 — scored 7.8, representing a serious threat to users of the affected products. Hackers can exploit the vulnerability to gain control over your device, siphon off personal information, or install malware on your computer.

Vulnerability CVE-2023-6154: Local Privilege Escalation

The vulnerability in question impacts a number of Bitdefender software, including Total Security: 27.0.25.114; Internet Security: 27.0.25.114; Antivirus Plus: 27.0.25.114; and Antivirus Free: 27.0.25.114.

According to Bitdefender, the bug is a configuration issue in the seccenter.exe executable. By leveraging this vulnerability, attackers can control and influence the behavior of the software, allowing them to execute third-party libraries.

Thankfully, Bitdefender detected and issued a patch for the vulnerability that plugs the security hole in the above antivirus packages.

Bitdefender Has Faced Privilege Escalation Vulnerabilities Before

This isn’t the first time that Bitdefender has had issues with vulnerabilities. In 2020, Bitdefender Antivirus Free was found to have issues within two processes — vsserv.exe and updatesrv.exe.

These processes, which have the highest level of system permissions, could be hijacked to execute third-party, malicious scripts, according to a report by SafeBreach. Bitdefender fixed the bug a month after it was reported.

It’s not uncommon for vulnerabilities to be detected in cybersecurity products and other software. That’s why bug bounties and white hat hackers exist; they look for and report on issues like these before cybercriminals can exploit them.

How to Patch Your Bitdefender Software

If you use any of the affected Bitdefender software, we recommend updating your app immediately to receive the security patch. Here’s how:

  1. Open the Bitdefender app on your device.
  2. Click on “Update Now.”

Bitdefender sits second place in our ranking of the best antivirus solutions. To learn more about this…

Source…

Bitcoin-Stealing Malware Disguised as Cheat Software for Popular Games; Millions of Gamers at Risk

/in


Many gamers looking for third-party cheat software to gain a competitive edge in popular titles like Call of Duty (COD), Diablo, and World of Warcraft (WoW) have had their Electrum Bitcoin wallets drained by malware.

This malware campaign, orchestrated by an unidentified actor, potentially affected over 4.9 million gaming accounts across various platforms, info security firm VX Underground said on Wednesday. The exact amount of funds stolen from users is unknown at this time.

On Thursday, TechCrunch said the malware was first uncovered by COD cheat software developer “Zeebler,” who warned gamers about the threat.

“The scope of the impact is so large, and in a bizarre twist of fate, Activision Blizzard is coordinating with cheat providers to aid users impacted by the massive infostealer campaign,” VX Underground said on X (formerly Twitter).

About 4.9 Million Gaming Accounts at Risk

According to VX Underground, the crypto-swiping malware may have impacted 561,183 Activision accounts, 3,662,627 million Battle.net accounts, 117,366 ElitePVPers accounts, 572,831 UnknownCheats accounts, and 1,365 PhantomOverlay accounts.

“When Elite PVPers was approached by PhantomOverlay administrative staff about the compromised accounts, Elite PVPers confirmed they have identified 40,000+ valid user accounts compromised,” VX Underground said. “These are seemingly freshly stolen credentials and are not present from previous publicly available credential dumps.”

VX Underground noted that not all victims of the malware attack were seeking cheat software for games. Some were using “software for latency improvement (?), VPNs, and Controller Boosting software.”

A source told TechCrunch that Activision Blizzard is trying to “help remove the malware” and is “working on identifying and remediating player accounts for anyone affected.” Meanwhile, Activision spokesperson Delany Simmons told the news outlet that the company’s servers “remain secure and uncompromised.”

It isn’t uncommon for hackers to target gamers with compromised software. In June 2023, Cyble Research & Intelligence Labs said threat actors are using trojanized versions…

Source…