Sat.Jan 08, 2022

article thumbnail

500M Avira Antivirus Users Introduced to Cryptomining

Krebs on Security

Many readers were surprised to learn recently that the popular Norton 360 antivirus suite now ships with a program which lets customers make money mining virtual currency. But Norton 360 isn’t alone in this dubious endeavor: Avira antivirus — which has built a base of 500 million users worldwide largely by making the product free — was recently bought by the same company that owns Norton 360 and is introducing its customers to a service called Avira Crypto.

Mining 344
article thumbnail

Unauthenticated RCE in H2 Database Console is similar to Log4Shell

Security Affairs

Researchers disclosed a critical RCE flaw in the H2 open-source Java SQL database which is similar to the Log4J vulnerability. Jfrog researchers discovered a critical vulnerability in the H2 open-source Java SQL database related to the Log4Shell Log4J vulnerability. The flaw, tracked as CVE-2021-42392 , could allow attackers to execute remote code on vulnerable systems, the good news is that unlike the Log4J issue it should not be as widespread.

IoT 140
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Weekly Update 277

Troy Hunt

Well that all changed very quickly. One week ago, I was like "I'm going to do this video from somewhere really epic next week" A few hours after that video, the host of the drinks we'd gone to over the road the day before told us she had symptoms. Another few hours later and she's COVID positive. A few days after that and Charlotte is positive too.

article thumbnail

FluBot malware continues to evolve. What’s new in Version 5.0 and beyond?

Security Affairs

Researchers warn of new campaigns distributing a new improved version of the FluBot malware posing as Flash Player. Researchers from F5 security are warning of a new enhanced version of the FluBot Android malware that that spread posed as Flash Player. A recent SMISHING campaign spotted by CSIRT KNF , FluBot targeted Polish users with a messaging asking them if to click on a link to view a video.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Norton Put a Cryptominer in Its Antivirus Software

WIRED Threat Level

Plus: NFT thefts, a ransomware wave in schools, and more of the week’s top security news.

IT 145
article thumbnail

Alfer Microsoft, also SonicWall confirmed that its products were affected by Y2K22 bug

Security Affairs

SonicWall confirmed that some of its Email Security and firewall products have been impacted by the Y2K22 bug. Security vendor SonicWall confirmed that some of its Email Security and firewall products have been impacted by the Y2K22 bug. According to the company, starting January 1, 2022, its Email Security products began experiencing an issue causing junk box and message log updates to fail.

IT 97