Monthly Archives: May 2018

Why antivirus peace of mind doesn’t have to cost you… anything

Investing in an antivirus solution can often be a tedious task that requires a lot of forethought and research before you are willing to hand over large sums of hard-earned cash.

There are a lot of solutions out there that can promise the world, while installing a whole bunch of extra ‘add-on’ features that frankly most users won’t ever use or think about.

Paid antivirus solutions do have the potential to offer a lot of value for money, but for users who just need to get a robust degree of protection to thwart the latest immediate threats, free solutions can be a great alternative.

Bitdefender Antivirus Free takes this one step further, providing advanced real-time protection to Windows operating systems against a vast range of modern threats.

Bitdefender Antivirus Free Edition is blazing fast, free to use, and loaded only with the bare-bones protection features that every computer needs.

The solution leverages in-the-cloud scanning technology to effectively reduce the impact of the product on the system to zero, meaning you’ll essentially never notice any performance degradation at all.

Its unobtrusiveness comes at no sacrifice to the solution’s effectiveness, though, which is where this surprisingly powerful antivirus really shines.

Bitdefender Antivirus Free offers an intelligent approach to antivirus protection, with automatic protection against all e-threats.

The solution features market-leading virus scanning and malware removal, with powerful scan engines to ensure immediate removal of all malware, including worms, trojans, zero-day exploits, rootkits and spyware.

It also helps users thwart more modern and trending attacks, like ransomware, phishing and e-fraud, giving users peace of mind when accessing emails, online shopping or banking websites.

With real-time threat detection, the solution automatically checks for behavioural anomalies and closely monitors your active apps, taking immediate action when anything suspicious is detected.

It also leverages Bitdefender’s web filtering technology, ensuring that users never land on a harmful website.

Overall, Bitdefender Antivirus Free Edition is an antivirus solution that users can rely on, without shelling out any cash at all.

It uses a minimalistic approach to make sure of the one thing that matters: whether you’re a rookie or a techie, your PC will be defended against intruders.

Why security suites are ousting traditional antivirus programs

For a while, the humble antivirus was considered by many as a cure-all for any malicious piece of software or script that interfered with a user’s browsing experience. And it still does exactly that.

But here’s the crunch – criminals haven’t been idly sitting by and watching antiviruses destroy their attempts to profit from your computer.

In recent years, user privacy and security have become paramount, while criminals attempt to coerce, steal and manipulate users for their data. That data can be monetised, which means payday for the criminals.

Online security has evolved beyond traditional antivirus programs to offer a range of additional solutions that complement each other.

Security suites include antivirus protection in their solutions, but they can also offer VPNs, password managers, online banking, PC performance improvement, and parental controls.

Take Bitdefender, a cybersecurity firm that is trusted by more than 500 million people worldwide.

The Bitdefender Internet Security 2018 suite offers not only antivirus, but also a full range of security features covering protection, performance, and privacy for multiple devices.

Here’s a sampler of what each category can provide. Protection includes antivirus, webcam protection, anti-phishing protection, secure browsing, anti-fraud, and advanced threat defence.

Performance includes Bitdefender Autopilot (it eliminates those nagging popups and dialog boxes), battery mode to optimise system settings, and a global protective cloud network that has minimal impact on local resources.

Privacy includes a VPN that encrypts all of your internet traffic, a dedicated browser for online banking and shopping, a privacy firewall, social network protection, a password manager, file shredder, and a quick risk checker.

Bitdefender engineered all these features to receive continuous updates and continuous protection.

The company even spruced up its antivirus platform, called Bitdefender Antivirus Plus 2018, to include extra tools such as anti-phishing, anti-fraud, Bitdefender VPN, social network protection, a password manager, and a file shredder. It’s not just an antivirus – it’s a package of tools to help keep your Windows device safe.

Security suites and antivirus programs are undoubtedly a necessary part of online protection. You should aim to combine tools that ensure overall system health and data privacy. Why? Because it’s less likely that criminals will get their hands on the information they desperately want to continue their crime sprees.

Bitdefender Antivirus Plus 2018 and Bitdefender Internet Security 2018 can take on those challenges and much more to provide a holistic and protected online experience.

Evil Malware Turns Antivirus Software Against PCs

A new proof-of-concept exploit known as DoubleAgent can not only hijack third-party Windows antivirus software, but use said software to deliver further attacks. While there’s no evidence that the exploit has made its way into the wild yet, most antivirus programs are still completely susceptible to it.

The entire point of antivirus software is to prevent malicious programs from compromising your system. But what happens when the malicious program in question can compromise your antivirus?

For now, only AVG, Malwarebytes and Trend Micro have patches available or coming soon. You could also just use Linux or macOS instead of Windows, although they’re not entirely invulnerable, either. Or you could disable your existing third-party antivirus software and rely on Windows Defender, although it doesn’t hold up well against zero-day malware.

This research into DoubleAgent comes from Cybellum, an Israeli cybersecurity company that specializes in zero-day exploits. Although DoubleAgent is an artificially constructed bit of malware, the flaw it preys upon is very much a zero-day vulnerability.

Windows uses a tool called Microsoft Application Verifier that helps software developers check for bugs in Windows-based programs. Every Windows program is subject to the Verifier’s scrutiny, including antivirus software.

By crafting a phony registry key and a predatory DLL file for the Verifier to read, Cybellum was able to take full control over the Norton Security antivirus program. (A dynamic link library, or DLL, is a code repository that can be used by more than one application. This attack uses the old “DLL hijack” technique to get an application to mistakenly load code from a malicious DLL.)
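A defender can audit for the kind of registration described above. The following is an added example, not code from Cybellum or from this article: it parses a `reg export` text dump of the Image File Execution Options key and reports every image whose `VerifierDlls` value names a DLL outside an approved list. The key path, the `VerifierDlls` and `GlobalFlag` value names and the `0x100` flag are Windows details not stated on this page; the sample data, the DLL names and the `approved` set are constructed.

```python
import re

FLG_APPLICATION_VERIFIER = 0x100  # GlobalFlag bit that turns Application Verifier on
IFEO = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options"

# Constructed sample in `reg export` text form; every image and DLL name is made up.
SAMPLE_EXPORT = "\n".join([
    "Windows Registry Editor Version 5.00",
    "[" + IFEO + "\\example-av-service.exe]",
    '"GlobalFlag"=dword:00000100',
    '"VerifierDlls"="constructed_provider.dll"',
    "[" + IFEO + "\\example-editor.exe]",
    '"MitigationOptions"=hex:00,00,00,00',
    "[" + IFEO + "\\example-dev-tool.exe]",
    '"GlobalFlag"=dword:00000100',
    '"VerifierDlls"="approved_provider.dll"',
    "[" + IFEO + "\\example-browser.exe]",
    '"VerifierDlls"="staged_provider.dll"',
])

def parse_ifeo(text):
    """Map each per-image IFEO subkey to its {value name: raw data}."""
    images, current = {}, None
    for line in map(str.strip, text.splitlines()):
        key = re.fullmatch(r"\[(.+)\]", line)
        if key:
            # Also matches the WOW6432Node (32-bit) view of the same key.
            hit = re.search(r"\\Image File Execution Options\\([^\\]+)$", key.group(1), re.I)
            current = images.setdefault(hit.group(1).lower(), {}) if hit else None
            continue
        value = re.fullmatch(r'"([^"]+)"=(.*)', line)
        if value and current is not None:
            current[value.group(1).lower()] = value.group(2)
    return images

def audit_verifier_providers(text, approved=frozenset()):
    """Report images whose VerifierDlls value names a DLL outside `approved`."""
    findings = []
    for image, values in parse_ifeo(text).items():
        if "verifierdlls" not in values:
            continue
        dlls = values["verifierdlls"].strip('"').replace("\\\\", "\\").split()
        unknown = [d for d in dlls if d.lower() not in approved]
        flag = re.fullmatch(r"dword:([0-9a-fA-F]{8})", values.get("globalflag", ""))
        active = bool(flag and int(flag.group(1), 16) & FLG_APPLICATION_VERIFIER)
        if unknown:
            findings.append({"image": image, "dlls": unknown, "verifier_active": active})
    return findings
```

An entry with `verifier_active` false still deserves review: the provider is registered but the flag that loads it is not set yet.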

Cybellum even added a cheerful little skull graphic and the helpful message “You Have Been Hacked!” to Norton Security’s startup screen. Real hackers will probably not be so courteous.

Cybellum theorizes five possible attack vectors for cybercriminals using DoubleAgent. The first, and most obvious, scenario would be to turn the AV program itself into malware. A second, more subtle, method would be to leave the antivirus mostly alone, save for telling it to whitelist malware that malicious hackers want to spread. Similarly, a third method would tell the antivirus to ignore malicious remote activity, such as data-mining and decryption.

The other two methods are much less subtle, but just as devastating to the end-user. Antivirus programs often have top-level privileges, which would allow them to encrypt files or format a hard drive without the user’s permission. As such, antivirus software could be used as ransomware.

Finally, an attacker could make antivirus software flag and block any other application, causing a denial-of-service condition for just about any program on Windows, from an internet browser to a productivity tool. It’s not hard to see how an attack like this could cripple computers in a corporate setting, even if only for a day or two.

Remember, too, that DoubleAgent can compromise almost any program on Windows, not only antivirus software. Antivirus software, with its high system privileges, is just a quick and easy way to exploit this newly disclosed flaw.

“Since the DoubleAgent technique uses legitimate operating system mechanism to inject its code, it can’t be patched and this injection technique will live forever. So there is no notion of a patch,” the Cybellum blog noted.

Compromising a user’s antivirus program could theoretically be only the first step in a much more intricate attack. Microsoft does have a framework called Protected Processes that lets antivirus developers “sign” code to prevent such attacks — but until very recently, only Microsoft’s own Windows Defender program used it.

Cybellum shared its research with a number of antivirus companies. Vulnerable AV programs include those from Avast, Sophos, AVG, Avira, Bitdefender, Trend Micro, Comodo, ESET, F-Secure, Kaspersky Lab, McAfee, Panda, Quick Heal and Norton.

Bleeping Computer reports that Malwarebytes, AVG and Trend Micro have either been patched, or will have a patch in the immediate future. Other companies are hopefully working on fixes, but there’s no guarantee that they’ll keep you safe.

As usual, keeping your antivirus software patched and up-to-date is your best defense against DoubleAgent. Even if your AV provider isn’t one of the three with a fix (almost) ready, it will probably get an update sooner rather than later. Since DoubleAgent isn’t out in the wild just yet, you probably have a little time before the attacks begin in earnest — if they ever do.