Code injection vulnerability in Bitdefender Total Security 12.0 (and earlier), Internet Security 12.0 (and earlier), and Antivirus Plus 12.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Bitdefender process via a “DoubleAgent” attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack.
Monthly Archives: March 2017
CVE-2016-6650
EMC RecoverPoint versions prior to 5.0 and EMC RecoverPoint for Virtual Machines versions prior to 5.0 have an SSL Stripping Vulnerability that may potentially be exploited by malicious users to compromise the affected system.
CVE-2017-6417
Code injection vulnerability in Avira Total Security Suite 15.0 (and earlier), Optimization Suite 15.0 (and earlier), Internet Security Suite 15.0 (and earlier), and Free Security Suite 15.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Avira process via a “DoubleAgent” attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack.
CVE-2017-5567
Code injection vulnerability in Avast Premier 12.3 (and earlier), Internet Security 12.3 (and earlier), Pro Antivirus 12.3 (and earlier), and Free Antivirus 12.3 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Avast process via a “DoubleAgent” attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack.
CVE-2017-5566
Code injection vulnerability in AVG Ultimate 17.1 (and earlier), AVG Internet Security 17.1 (and earlier), and AVG AntiVirus FREE 17.1 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any AVG process via a “DoubleAgent” attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack.
CVE-2017-5565
Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivirus+ Security 11.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Trend Micro process via a “DoubleAgent” attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack.
Protect Your Instagram Account From Spambots
Comments that have nothing to do with the photo you’ve posted, followers that don’t seem completely human despite their profile picture, messages from unknown accounts containing suspicious links or offering to help you get followers… It’s likely that you or some of your friends and maybe even the social media manager at your company have run up against this kind of thing on Instagram.
Spambots continue to be a major headache for the Facebook-owned social network that has over 600 million users. According to a study carried out by Italian researchers, 8% of Instagram accounts are false.
This is a blight on the company’s image, and has led to some embarrassing occurrences, like the time when spammers inundated feeds with a multitude of pornography. Apart from that, there are plenty of brands that use bots to swell the numbers of their followers, a practice that Instagram prohibits. So what can you do about this?
Instagram offers its users a few tools to report spam. The user can delete a comment that she considers offensive and report it, block a user or inform the social network that a profile or a publication is potentially suspicious. For example, if you see that a user does not share photos, follows hundreds of people and only posts comments with links, it could well be a ‘spammer’, although generally try to hide it using an attractive profile photo.
Recently, the social network has included new options to protect privacy. If you’ve decided to make your account private (which is advisable if you don’t want strangers browsing through your photos), then you can now remove followers without having to block them.
Also, all Instagram users can now use an automatic filter that eliminates comments which include a word considered offensive by the community or by the user. Just go to Options, Comments, and Hide inappropriate comments. In fact, you can disable comments on photos and videos altogether.
On the other hand, if an unknown follower sends you a direct message, it is best not to click on the link. It could be a bot sending a malicious ‘link’. It is also possible that its intention is to start a phishing attack.
Improving Instagram account privacy by adding two-step verification, using a strong password, and being careful about sharing content are other tips to avoid running into security problems with your personal or company accounts. And of course, if your using any social network from work computers, Panda Security’s advanced cybersecurity solutions for companies could be a great help in preventing spam from leading to the downloading of malware.
The post Protect Your Instagram Account From Spambots appeared first on Panda Security Mediacenter.
Latest Tax Scams Include Phishing Lures, Malware
Microsoft warns this year’s crop of tax scams use social engineering attacks based on fear to spread banking Trojans and collect personal info.
OpenSCAP Libraries 1.2.14
The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.
Ubuntu Security Notice USN-3240-1
Ubuntu Security Notice 3240-1 – It was discovered that the NVIDIA graphics drivers contained a flaw in the kernel mode layer. A local attacker could use this issue to cause a denial of service.