
Security flaws: Microsoft Defender and Kaspersky exposed

Risk of false positives and data deletion in environments protected by security solutions deemed reliable

Vulnerabilities in antivirus software from Microsoft and Kaspersky were discovered at the Black Hat Asia event, allowing false positive attacks that delete legitimate files. Despite the patches, the problem persists, so it is important to have robust backups.

During the Black Hat Asia event in Singapore, cybersecurity analysts highlighted critical vulnerabilities in leading antivirus software such as Microsoft Defender and Kaspersky. These problems would allow an attacker to delete files remotely by exploiting the defense mechanisms of the systems themselves. Experts have demonstrated how it is possible to manipulate the antivirus to make it recognize otherwise harmless files as dangerous, causing them to be deleted.

Attack mode: induced false positives

The attack works by inserting digital signatures associated with known malware into legitimate files. This deception leads Defender and Kaspersky's Endpoint Detection and Response (EDR) tools to misclassify the files as threats and delete them. This practice could lead not only to significant data loss but also to potential extortion, with attackers offering to recover deleted data upon payment of a ransom.

Patch efficiency and vulnerability persistence

Although Microsoft has released patches (CVE-2023-24860 and CVE-2023-3601) aimed at mitigating these risks, evidence suggests that the fixes do not completely resolve the problem. This situation highlights a broader cybersecurity issue, namely the difficulty of ensuring that fixes are effective and timely in protecting end-user systems.

Importance of backup strategies

In this light, adopting robust and efficient backup strategies becomes important. A solid backup plan can act as a lifesaver in cases of accidental or malicious deletion of critical files. This approach is essential to mitigate the consequences of software vulnerabilities that have not yet been fully resolved, maintaining the integrity and accessibility of corporate or personal data.

04/23/2024 12:35

Marco Verro
