
Security flaws: Microsoft Defender and Kaspersky exposed

Risk of false positives and data deletion in environments protected by security solutions deemed reliable

Vulnerabilities in antivirus software from Microsoft and Kaspersky were presented at the Black Hat Asia event. They allow false-positive attacks that delete legitimate files. Despite the patches, the problem persists, so robust backups are important.

During the Black Hat Asia event in Singapore, cybersecurity analysts highlighted critical vulnerabilities in leading antivirus software such as Microsoft Defender and Kaspersky. These flaws would allow an attacker to delete files remotely by exploiting the defense mechanisms of the systems themselves. The researchers demonstrated that the antivirus can be manipulated into recognizing otherwise harmless files as dangerous, causing them to be deleted.

Attack mode: induced false positives

The attack method relies on inserting digital signatures associated with known malware into legitimate files. This deception leads Microsoft Defender and Kaspersky's Endpoint Detection and Response (EDR) tools to misclassify the files as threats and delete them. This practice could lead not only to significant data loss but also to potential extortion, with attackers offering to recover deleted data upon payment of a ransom.

Patch effectiveness and vulnerability persistence

Although Microsoft has released patches (CVE-2023-24860 and CVE-2023-3601) aimed at mitigating these risks, evidence suggests that the fixes do not completely resolve the problem. This situation highlights a broader cybersecurity issue, namely the difficulty of ensuring that fixes are effective and timely in protecting end-user systems.

Importance of backup strategies

In this light, adopting robust and efficient backup strategies becomes especially important. A solid backup plan can act as a lifesaver in cases of accidental or malicious deletion of critical files. This approach is essential to mitigate the consequences of software vulnerabilities that have not yet been fully resolved, maintaining the integrity and accessibility of corporate or personal data.
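As an added example (not from the article, the researchers or either vendor), a defender-side check that supports the backup advice above: it reviews antivirus remediation events, lists removed files under watched data directories so they can be verified against backup, and flags a host where one detection name removes several such files in a short window. The record fields, threat names, watchlist and thresholds are all assumptions made for this example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records; field names and values are assumptions for this
# example, not a Microsoft or Kaspersky log schema.
EVENTS = [
    {"time": "2024-04-23T10:00:05", "host": "db01", "action": "remove",
     "threat": "Constructed.Threat.A", "path": r"D:\data\orders.mdf"},
    {"time": "2024-04-23T10:00:40", "host": "db01", "action": "remove",
     "threat": "Constructed.Threat.A", "path": r"D:\Data\customers.mdf"},
    {"time": "2024-04-23T10:01:30", "host": "db01", "action": "quarantine",
     "threat": "Constructed.Threat.A", "path": r"D:\data\audit\2024-04.log"},
    {"time": "2024-04-23T10:07:00", "host": "ws07", "action": "quarantine",
     "threat": "Constructed.Threat.B", "path": r"C:\Users\a\Downloads\setup.exe"},
    {"time": "2024-04-23T11:15:00", "host": "web02", "action": "remove",
     "threat": "Constructed.Threat.A", "path": r"C:\inetpub\logs\u_ex240423.log"},
]

CRITICAL_DIRS = [r"d:\data", r"c:\inetpub\logs"]  # assumed watchlist, lowercase
BURST, WINDOW = 3, timedelta(minutes=10)          # assumed thresholds

def is_critical(path):
    """True if path lies under a watched directory (Windows paths: ignore case)."""
    p = path.lower()
    return any(p.startswith(d + "\\") for d in CRITICAL_DIRS)

def review(events):
    """Return (paths to verify against backup, (host, threat) pairs that burst)."""
    hits = [e for e in events
            if e["action"] in ("remove", "quarantine") and is_critical(e["path"])]
    seen = defaultdict(list)
    for e in hits:
        seen[(e["host"], e["threat"])].append(datetime.fromisoformat(e["time"]))
    bursts = []
    for key, times in seen.items():
        times.sort()
        # BURST removals inside WINDOW: one detection name is clearing watched
        # data on one host, which should be investigated as a false positive.
        if any(times[i + BURST - 1] - times[i] <= WINDOW
               for i in range(len(times) - BURST + 1)):
            bursts.append(key)
    return [e["path"] for e in hits], bursts

if __name__ == "__main__":
    restore, bursts = review(EVENTS)
    print("verify against backup:", restore)
    print("investigate as possible induced false positive:", bursts)
```
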


04/23/2024 12:35

Editorial AI
