Independent Tests of Anti-Virus Software

1. Real-World Protection Test May 2018 Factsheet (2018-06-15)

The factsheet of the Consumer Real-World Protection Test of May is now available! It can be found here.

2. Spotlight on security: The end of Net Neutrality? (2018-06-15)

Normally we post on what security news topped the media. This month's blog covers the end of the Net Neutrality legislation. Net neutrality was initiated by the Obama administration. Ironically, Trump buried both the Net Neutrality legislation and its media coverage with his historic meeting on neutral ground with Kim Jong-un. Is Net Neutrality legislation obsolete, or has the open internet for all just suffered a serious setback?

Net neutrality legislation required US Internet Service Providers (ISPs) to give access to everyone equally, meaning no person or party offering information on the internet would get higher traffic priority or better bandwidth speed.

Opposing this idea of government regulation are large ISPs like Comcast, AT&T and Verizon. They don't like the government interfering with their business. Those ISPs argue that regulation reduces the incentive to innovate, which is bad for consumers. The chairman of the United States Federal Commission for Communication (FCC) claimed that investments in the internet had dropped since the introduction of the Net Neutrality legislation. According to the lobby of these big ISPs, this governmental control is especially bad for smaller ISPs. Smaller companies don't have the means to implement legislation and new technology simultaneously. This is bad for innovation and ultimately for consumers as well.

Opposing those big ISPs are the big Internet companies like Google, Facebook and Netflix. Many people argue that information is a common service needing legislation, like any public service, to guarantee equal access to this infrastructure for all. If infrastructure-owning companies (like Comcast) charge content-creating companies (like Netflix) for fast access, this would be bad for innovation. Big established companies like Google, Facebook and Netflix are able to carry such costs, but new small startups would not be able to attract the funding to pay for fast access. Since most innovation comes from small companies, this would be bad for innovation and ultimately for consumers as well.

From a distance, the arguments against and in favour of Net Neutrality seem to lead to the same effects: it does not matter which side of the coin surfaces, because both options are bad for smaller companies, innovation and consumers. So, it looks like a "pot calling the kettle black" situation.

We don't think the ISPs will fall back to secretly throttling internet traffic like they did before the Net Neutrality legislation. They will probably learn from the business models of the content-controlling companies by either offering a free advertisement-supported service like Google and Facebook or charging for premium ad-free access like Netflix.

3. Spotlight on security: How to recognize email scams (2018-05-28)

Analysis reports from several sources (US, UK) show that email is and remains the number one delivery vehicle for malware. The reason email is so popular is that half of all people will open an email from an unknown sender. Email scams play on people's emotions to trick them into opening emails. In this month's spotlight on security we will explain what psychological tactics scammers use to catch you off guard and lower your defences.

Tactic 1: Using anger to trick you into opening emails

An email with an invoice for goods you did not buy, or a speeding ticket for a car you don't own, will most likely trigger anger. Emotions are handled in our emotional brain, or limbic system. This is exactly what scammers want: they don't want you to think rationally, but to react instantly, which increases the chance that you open a URL or attachment. The fake invoice is the most used and most successful tactic in email scams.

Tactic 2: The "fast track to fortune" lure for the greedy

The ancient Romans made sacrifices to the goddess of Fortune, hoping she would spill riches out of the horn of plenty. Today people still buy lottery tickets, bet on sports games and gamble in casinos. Scammers combine this deep-rooted belief in luck with the lure of instant money (greed) to stimulate us to use our instinctive brain. Our instinctive or primal brain operates at an even lower level than our emotional brain. The "money transfer" and "claim your prize" scams are well-known ways to trick people into sending their banking details.

Tactic 3: The "short cut to success" appeal for the lazy

Investment and job opportunity scams often use phrases like "get the life you deserve" and "stop working for someone else", combined with pictures of someone living the life of the rich and famous. Rationally we all know there is no short cut to success, but in movies it seems simple. The 90-minute time frame of a movie helps to create this illusion, giving some people the idea (hope) that it could happen to them too. Scammers appeal to the desire to gain power and prestige. Gaining or losing power correlated in prehistory with the ability to feed and protect women and increase the chance to reproduce. These stimuli are handled in our instinctive (primal) brain, making them an ideal bait for email scams.

Tactic 4: Preying on man's oldest sin (lust)

Scammers take advantage of all human weaknesses. It is not a coincidence that anger (Ira), greed (Avaritia), laziness (Acedia) and lust (Luxuria) are all classical sins. Inevitably, lust is used to seduce people in romance and dating scams. Sexual stimuli are handled in our instinctive (primal) brain. Preventing us from thinking rationally is again the scam tactic used. Scammers have moved their field of play to social media and dating sites for this type of scam. Recently a revival has been seen with the "your camera has been hacked" email scam, which asks for a crypto-ransom in return for the embarrassing recordings.

Tactic 5: Pressing for payment using surprise and seniority

Personalized phishing, or spear phishing, targets specific organizations or individuals within an organization. The example below clearly illustrates how a scammer uses emotion (surprise) and instinct (fear of saying no to a boss) to spiral the victim's state of mind down from thinking rationally to acting mindlessly. Imagine a junior accountant checking his email just before leaving the office on Friday. He receives a spoofed email from a senior executive asking him whether he is still at work. Surprised and charmed by the attention of a senior manager, he answers yes. Then the scammer throws in the bait: "do you know how to make payments?". A second, hesitant "yes" puts the poor junior on the hook. The scammer has achieved role confirmation (senior asking is directing – junior answering is obeying) and raised the threshold for saying no to a payment request (the junior himself said he could do it). The next mail explains the importance of the payment and the necessity to pay now. A final "do you understand?" forces the poor junior to say yes for the third time in a row. Next the scammer strikes by asking the junior to perform an immediate payment.

Read our IT-security tips on our website: Email security

4. Spotlight on security: three reasons why you should select an Android security app with care and caution (2018-05-26)

In 2014 an antivirus program called Virus Shield was able to earn over 100,000 dollars in less than 10 days. The only thing this fake security app did was change its icon color and show a progress bar of an imaginary malware scan. After the scan finished, it told the user the device was free of malware. Over 30,000 people downloaded the app and gave it a 5-star rating on Google Play Store. Here are three reasons why you should select an Android security app with care and caution:

Reason 1: don't confuse user perception with actual protection

For security software, the saying "if it looks like a duck, walks like a duck, quacks like a duck" is no guarantee that it really is a duck. Fraudulent apps love to disguise themselves as security applications, because users are inclined to grant security apps more privileges. According to Google Play product manager Andrew Ahn, there are some clear patterns in how malicious developers try to sneak their apps into the Google Play store. They try to make their apps look like popular apps to trick users into installing them. This is the reason why news articles appear in the media with headlines like "Can you trust your Android antivirus software? Malicious fake protection apps flood Google Play Store".

Reason 2: official sources are safer, but still not 100% safe

Google is putting a lot of effort into making Google Play Store safer. The 2017 Android security report (PDF) states that Google Play Store is 9 times safer than other download sources. In 2017 automated malware scans removed over 39 million malicious apps from the Google Play Store. Despite the automated scan improvements in Google Play Store, it remains a cat-and-mouse game with malware writers. Instead of a flood, ZDNet reported in January 2018 that (only) 36 malicious phony security apps were found in Google Play store distributing malware and tracking users. According to Google, malicious apps are only a fraction of the total number of apps available. When there are only 36 malicious security apps, how many security apps are available on Google Play Store to choose from? The best way to find out is to select all the security apps we can find on Google Play Store and test them in real-world circumstances against a representative set of malware samples.

Reason 3: the proof of the pudding is in the eating

To help owners of Android devices distinguish between effective and ineffective security apps, we have tested over 200 Android antimalware apps in our annual 2018 Android research. Our test (again) shows that people should select their security apps with care and caution. We downloaded over 200 security apps from the official Google Play Store and tested them against 2000 malicious apps:

  • Only 84 security apps detect over 30% of the malicious apps with zero false positives.
  • At least 41 ineffective security apps were taken down from Google Play Store in the last two months of our test.
  • Another 38 security apps use dubious scanning techniques with little or no real-world protection.

The results also show that it is better to stick to reputable security vendors. Of the 28 antimalware vendors scoring a perfect 100%, over 70% were well known from other IT platforms. Read our report for details.

5. Malware in the media: Once bitten twice shy or double dumb? (2018-05-24)

The historic summit between North and South Korea is of course the most important security-related news in April 2018. This promising security news was countered by tragicomic IT-related security news. It is not about the privacy (Facebook) or security (Google Play) hassles of social media, but about a big city hit twice by malware.

In April 2017 and March 2018, the city of Atlanta was hit by ransomware. According to a security company, the 2017 malware infection might have used an unpatched SMB vulnerability (the NSA backdoor DoublePulsar). In March 2018 the city was hit by ransomware again. The SamSam ransomware is known to use an old (2016) JBoss/Java vulnerability.

Mayor Keisha Lance gave a press conference on the 22nd of March, in which she stated that the system outage affected applications that customers use to pay bills and that court-related information was encrypted. The SamSam group had demanded a ransom of 51,000 dollars, to be paid within five days.

On the 27th of March a city press release was posted in which employees were advised to turn on computers and printers for the first time since the March 22 cyber attack. One can assume that the internal loss of productivity caused by advising city civil servants not to use computers or printers must have been much bigger than the ransom asked.

The question arises: why hadn't they learned from the first attack? Had their IT department not investigated the cause of the first attack in order to adopt security policies? The answer to that question is a jaw-dropping YES. They had performed an audit, but ignored the conclusions of that audit.

The audit reports of the City of Atlanta are published for transparency of public policy. It links to the full audit report, which examines whether its Information Security Management System is ready to meet the certification requirements of ISO/IEC 27001:2013, the internationally recognized information security management standard.

The conclusion of this January 2018 audit is: "The current Information Security Management System has gaps that would prevent it from passing a certification audit including: missing or outdated policies, lack of formal processes to identify, assess, and mitigate risks and incomplete measurement, reporting and communication related to risks."

After the city went public, CSO reported that the SamSam group took the contact server (used to pay the ransom) offline. So, payment of the ransom to recover from the attack no longer seemed to be a viable option. Can we assess Atlanta City's spending on IT support and remediation related to this ransomware attack?

The purchase contracts of the City of Atlanta are also published. When we filter out the purchases of the Atlanta Information Management department, the costs directly related to the ransomware attack seem to add up to well over one million dollars (as the list below shows)!

In Mayor Keisha Lance's defense, we have to explicitly mention that she took office in January 2018. The purchases also show that another two million dollars were invested to prevent future failures. So often, security only seems to become a priority when the damage has been done.

The Atlanta tragi-comedy is not exemplary. According to Steven Wilson, Head of Europol's European Cybercrime Centre: "A large number of the attacks reported to the police are neither sophisticated nor advanced. Many of them work because of a lack of digital hygiene, a lack of security by design and a lack of user awareness."

6. Business Test Factsheet March-April 2018 (2018-05-23)

As you may have noted, we now have a Consumer main-test series (covering home-user products) and a Business main-test series (covering enterprise solutions).

We just released the first factsheet of the new Business main-test series, which covers the months March and April.

You can find the factsheet here:

The full and more detailed report – containing also a Performance test and product reviews – will be released in July.

7. Consumer Malware Protection Test March 2018 (2018-05-22)

We released our Consumer Malware Protection Test. Any samples that have not been detected, e.g. on-access, are executed on the test system. A false alarm test is also included.

8. Hacking Complete Beginner’s Practical Guide (2018-05-16)

Hacking: 2 Books In 1 Bargain: The Complete Beginner’s Guide to Learning Ethical Hacking with Python Along with Practical Examples & The Beginner’s Complete … Hacking and Pen. Testing (English Edition)

Have You Always Wondered If Hacking Has Any Benefits? Are You Interested In Penetration Testing To Examine Security Strength? Then I Invite You To Take Advantage Of My Limited Time Bundle 2 in 1 Discount! Cyber crime is the biggest threat that every organization on the planet faces today! And it…

9. Digging in the deep web: Exploring the dark side of the web (2018-05-16)

Digging in the deep web: Exploring the dark side of the web | Ing Pierluigi Paganini | ISBN: 9781980532545 | Free shipping on all books shipped and sold by Amazon.

10. Performance Test April 2018 (2018-05-16)

AV-Comparatives released their latest Performance Test Report for consumer security products under Microsoft Windows 10.

18 consumer products were tested regarding their impact on system performance. But keep in mind: Protection is more important than speed!
