Archive for the ‘antivirus’ Category

Windows Built-in Antivirus Gets Secure Sandbox Mode – Turn It ON

October 29th, 2018
Microsoft Windows' built-in anti-malware tool, Windows Defender, has become the very first antivirus software to have the ability to run inside a sandbox environment. Sandboxing is a process that runs an application in a safe environment isolated from the rest of the operating system and applications on a computer. So that if a sandboxed application gets compromised, the technique prevents its

Posted in anti malware, Anti-virus, antimalware, antivirus, Antivirus Sandbox, Best Antivirus, cybersecurity, microsoft, Microsoft Antivirus, sandbox, sandbox bypass, sandboxing, windows antivirus, Windows Defender | Comments (0)

Microsoft Adding Artificial-Intelligence Based Advanced Antivirus to Windows 10

June 28th, 2017

Microsoft is making every effort to make its Windows operating system more secure and advanced than ever before by beefing up its security practices and hardening it against hackers and cyber attacks in its next release.

With the launch of its Windows 10 Creator Update (also known as RedStone 3), which is expected to release sometime between September and October 2017, Microsoft is planning

Posted in AI Technology, antivirus, antivirus software, Artificial intelligence, Best Antivirus, malware protection software, secure windows 10, Windows 10, windows 10 antivirus | Comments (0)

Advanced Threats Demand a New Approach to Endpoint Security

June 28th, 2017

A new wave of advanced malware is looking for gaps in conventional endpoint defenses and new ways to exploit them. This malware uses techniques such as encryption and polymorphism to mask its true intent, hitting companies with “zero-day” attacks that signature-based security tools cannot identify.

These attacks use sophisticated executables that can recognize when they are being analyzed in sandbox tools and then delay execution. They also include legitimate files and applications that appear clean on the surface but contain embedded malicious code activated by later triggers.

Those responsible for security in companies race against the clock to detect, contain and remediate new threats, and often they do not succeed. When multiple endpoint defense products do not communicate with one another, that requires extra steps and considerable manual effort from administrators. Many resources are needed to filter so many alerts, generated by several solutions at several different points. And the time between detection and remediation only increases.

A different security approach is needed to increase endpoint protection. Imagine a unified, fully integrated system with several layers of defense that could respond to new events immediately, without human intervention. Instead of depending on a variety of different security tools, use machine learning techniques to stop most threats before they reach the endpoints.

To contain advanced and zero-day threats, the security system must include analysis of malware structure and behavior. Cybercriminals can change the appearance of the code, but it will still be malware. It is therefore likely to share many attributes with already known attacks, which makes it possible to analyze the static binary code to compare the structure of suspicious executables with known threats.

Likewise, even when unknown, malware will always follow certain behavior. By comparing the code's actual behavior with profiles of hundreds of millions of malware samples, it is possible to identify and block the file if it begins to behave maliciously, such as replacing files or making registry changes that match the behavior of other known malware.

With these capabilities it is possible to reduce manual steps and stop most threats before they can damage the endpoint. By using integrated, automated defenses, the result is a constantly evolving model: each new threat detected improves the defenses of the organization as a whole.

*Bruno Zani is systems engineering manager at McAfee in Brazil

The post Advanced Threats Demand a New Approach to Endpoint Security appeared first on McAfee Blogs.

Posted in Advanced Persistent Threats, Advanced Threat Defense, antivirus, endpoint security, Español | Comments (0)

Webroot ‘mistakenly’ flags Windows as Malware and Facebook as Phishing site

April 25th, 2017

Popular antivirus service Webroot mistakenly flagged core Windows system files as malicious and even started temporarily removing some of the legit files, trashing user computers around the world.

The havoc was caused after the company released a bad update on April 24, which was pulled after approximately 15 minutes. But that still hasn’t stopped some PCs from receiving it, causing serious

Posted in antimalware, antivirus, antivirus software, webroot antivirus, windows antivirus, windows crash | Comments (0)

New Versions of Cloud Workload Discovery and McAfee MOVE AntiVirus Now Available!

April 20th, 2017

As part of our continued enhancements to our server security solutions, Cloud Workload Discovery 4.5.1 was released on March 27, 2017 and the McAfee MOVE AntiVirus 4.5.1 release followed on April 20, 2017. These solutions have some valuable new features and benefits that I’d like to share with you.

Cloud Workload Discovery 4.5.1

Let’s start with Cloud Workload Discovery 4.5.1.  Cloud Workload Discovery, covering VMware, OpenStack, AWS and Microsoft Azure, provides end-to-end visibility into cloud workloads and their underlying platforms. You can get an in-depth description of Cloud Workload Discovery in our previous blog, “New Server Security Release Makes Borderless Cloud Security a Reality”.  Prior to version 4.5.1, Cloud Workload Discovery was available to work with two of Intel Security’s antivirus solutions, McAfee VirusScan Enterprise and McAfee MOVE AntiVirus.

Cloud Workload Discovery 4.5.1 extends visibility to McAfee Endpoint Security for AWS and Microsoft Azure workloads.  McAfee Endpoint Security is a collaborative, extensible framework for protecting Microsoft Windows and Linux servers against zero-day exploits and advanced attacks. Now that Cloud Workload Discovery supports McAfee Endpoint Security, we are adding two of its modules, Threat Prevention and Firewall, to all three of our server security suites, McAfee Server Security Suite Essentials and McAfee Server Security Suite Advanced for hybrid cloud protection and McAfee Public Cloud Security Suite.

Threat Prevention scans for viruses, spyware, unwanted programs and other threats – automatically with user access or on demand at any time.  The Firewall module monitors communication between the computer and resources on the network and the Internet to intercept suspicious communications.

McAfee MOVE AntiVirus 4.5.1

McAfee MOVE AntiVirus is a key component of McAfee Server Security Suite Essentials and McAfee Server Security Suite Advanced. McAfee MOVE AntiVirus can now protect Linux virtual machines in agentless deployments as part of the 4.5.1 release, including 64-bit versions of SUSE Linux Enterprise Server 12, Red Hat Enterprise Linux 7 and Ubuntu 14.04 LTS. This includes all the Linux distributions supported by VMware NSX 6.3. In addition, McAfee MOVE AntiVirus (Agentless) is now certified for VMware NSX 6.3 so that customers can be sure that these solutions work seamlessly together.

Learn More

Here are some links for our server security suites and McAfee MOVE AntiVirus if you’d like to find out more about these solutions:

McAfee Server Security Suite Essentials

McAfee Server Security Suite Advanced

McAfee Public Cloud Server Security Suite

McAfee MOVE AntiVirus

The post New Versions of Cloud Workload Discovery and McAfee MOVE AntiVirus Now Available! appeared first on McAfee Blogs.

Posted in antivirus, Cloud security, endpoint security, Security Connected | Comments (0)

Critical Flaw in ESET Antivirus Exposes Mac Users to Remote Hacking

February 28th, 2017

What could be more exciting for hackers than exploiting a vulnerability in widely used software without having to struggle too much?

One such easy-to-exploit but critical vulnerability has been discovered in ESET’s antivirus software that could allow any unauthenticated attacker to remotely execute arbitrary code with root privileges on a Mac system.

The critical security flaw, tracked

Posted in antivirus, Apple Mac OS, eset antivirus, Google Security, hacking news, Mac security, remote code execution, Vulnerability | Comments (0)

RansomFree Tool Detects Never-Seen-Before Ransomware Before It Encrypts Your Data

December 20th, 2016

Ransomware has risen dramatically over the last few years, so rapidly that it might have already hit you or someone you know.

With hundreds of thousands of ransomware variants emerging every day, it is quite difficult for traditional signature-based antivirus tools to keep their signature database up-to-date.

So, if signature-based techniques are not enough to detect ransomware infection, then

Posted in anti-ransomware, antivirus, computer virus, Malware removal tool, RansomFree, ransomware, virus Removal | Comments (0)

How to Protect All Your Internet-Connected Home Devices From Hackers

December 12th, 2016

How many Internet-connected devices do you have in your home? I am surrounded by around 25 such devices.

It’s not just your PC, smartphone, and tablet that are connected to the Internet. Today our homes are filled with tiny computers embedded in everything from security cameras, TVs and refrigerators to thermostats and door locks.

However, when it comes to security, people generally ignore to

Posted in antivirus, Bitdefender, Bitdefender BOX, Internet of things, iot devices, IoT security, secure smart devices, smart home | Comments (0)

Antivirus Firm Kaspersky launches Its Own Secure Operating System

November 24th, 2016

The popular cyber security and antivirus company Kaspersky has unveiled its new hack-proof operating system: Kaspersky OS.

The new operating system has been in development for the last 14 years, and the company chose to design it from scratch rather than relying on Linux.

Kaspersky OS makes its debut on a Kraftway Layer 3 Switch, CEO Eugene Kaspersky says in his blog post, without revealing many details

Posted in antivirus, hacking news, Kaspersky Antivirus, kaspersky operating system, Kaspersky OS, Microkernel, Secure Operating System, Technology News | Comments (0)

McAfee MOVE AntiVirus Performance Advantages

September 27th, 2016

Are you trying to decide if you really need to invest in an antivirus solution optimized for your virtualized environment?  If so, check out the results from our latest performance testing that compares McAfee Management for Optimized Virtual Environments AntiVirus (McAfee MOVE AntiVirus) 4.0 to traditional antivirus software.

McAfee MOVE AntiVirus for virtual desktops and servers is uniquely designed to relieve the overhead of traditional antivirus and provide even better protection.  Our performance tests show that by optimizing and offloading virus scanning, McAfee MOVE AntiVirus enables you to minimize the performance impact on virtual servers and reduce security resources.

 


Performance Test Results

.DAT storm test

All test clients for traditional antivirus receive .DAT updates in parallel, creating a heavy load on the underlying hypervisor.  McAfee MOVE AntiVirus performs updates on the offload scan server so that they do not negatively impact VMs, resulting in significant advantages over traditional antivirus.

  • 87% less CPU usage.
  • 93% less network usage.
  • 92% less disk usage.

[Figure: DAT storm chart]

All parameters were recorded at the host level. McAfee MOVE AntiVirus used one offload scanner with 150 clients.

On-demand scan (ODS) storm with cache test

Due to numerous concurrent scans, host resources with clients running traditional antivirus are severely impacted during an ODS storm.  Clients with McAfee MOVE AntiVirus perform much better because caching avoids repeatedly scanning the same files across clients.  This produced these improvements over traditional antivirus during an ODS storm.

  • 70% less CPU usage.
  • 75% less network usage.
  • 75% less disk usage.

[Figure: ODS storm chart]

This graphic depicts resource utilization at the host level when simultaneously running ODS on 150 VMs.  All clients have a pre-populated cache.

Enablement of McAfee Threat Intelligence Exchange Test

McAfee Threat Intelligence Exchange is available for multiplatform deployment of McAfee MOVE AntiVirus. When a McAfee Threat Intelligence Exchange server is configured with McAfee MOVE AntiVirus, fewer files are transferred to the offload scanner, resulting in significant scan avoidance.

[Figure: offload scanner chart]

This test, which runs an ODS on 70 VMs with McAfee Threat Intelligence Exchange enabled and a pre-populated cache on the offload scan server, shows a 75% reduction in file transfer between client and offload scan server.

Summary

McAfee MOVE AntiVirus improves the security of workloads deployed on virtual infrastructure with minimal impact on performance and resource utilization. For additional information, click here.

The post McAfee MOVE AntiVirus Performance Advantages appeared first on McAfee.

Posted in antivirus, Security Connected, Virtualization | Comments (0)