Did you watch the Apple event? The first ever announcement in the Steve Jobs Theater showed that they miss Steve Jobs. I remember Steve Jobs introducing the NeXTcube. That was a jaw dropping event. The NeXTcube had display depth while the rest of the world used monochrome. It marked the birth of the dock. Combining an application launcher, desktop explorer, and task manager into one single application. So simple straightforward, yet so brilliant and beautiful.
Malware in the media – Augusts’ eclipse and Android 8
On August the 21st people in the USA could witness a total solar eclipse. People from Oregon to South Carolina could see the moon totally covering the sun. A total eclipse is a unique event. The last total eclipse of the sun happened 38 years ago and the next one will be in 2024. Google smartly used this event to introduce the next Android OS version. Version 8 is named Oreo, a popular chocolate cookie filled with butter milk cream.
Spotlight on security: Does Google lives up to its promise?
In 2007 Google promised to change the world with Android and the Open Handset Alliance: “A new computing environment that will change the way people access and share information in the future. The Android platform will be available under one of the most progressive, developer-friendly open-source licenses to bring to market new innovative products faster and at a much lower cost.“
A decade after the announcement we did some fact checking to see whether Google lives up the promises made in the original press release?
Malware in the media – July’s “ignorance is bliss”
The Internet of Things (IoT) promises to make life easy, but Panda calls it “the next cyber security nightmare” and CSO ranked “the Internet of malicious things” as the number one threat for 2017. Shortly after the NotPetya ransom-worm, the first ever WIFI-worm was unveiled: broadpwn!
On July the 27th Nitay Artenstein demonstrated the first successful WIFI-worm attack at the Blackhat USA 2017 event. Broadpwn used a vulnerability of the Broadcom WIFI chipset which could potentially impact over one billion smartphones. Luckily both Google and Apple released a patch before public disclosure (ignorance is bliss).
Spotlight on security: Bob Dylan & Dalai Lama on threats & transparency
At first glance the WannaCry and NonPetya outbreaks are no different from the CryptoLocker outbreak of 2015 or the CryptoWall outbreak of 2014. Some of us may even remember the first file-encrypting malware, called PC Cyborg Trojan (aka AIDS Trojan) discovered in 1989. So security insiders may ask themselves in despair: How many fools does it take, to make the same mistake over and over again?
Malware in the media – June’s “fire in the hole”
Fire in the hole is a warning that an explosion is about to occur. In old days coal miners used to yell this three times before igniting dynamite. In those days dynamite was used to break rock and dig tunnels to excavate coal. The military adopted this expression to warn of an impending explosion.
Spotlight on security: Pi-hole a blackhole for Internet advertisements
Starting from June, AV-Comparatives will highlight an interesting event, idea, initiative, announcement or product which will make the digital world a safer place to surf and live in. We will kick off with an interesting piece of software originally developed for the Raspberry Pi, called Pi-hole.
Malware in the media – May’s lesson
Proactive protection against the WannaCry ransomware (not the exploit)
The WannaCry ransomware has been a major news story over the last few days. It has infected hundreds of thousands of computers worldwide (mostly in Russia), including some well-known companies and institutions. All the programs in our public Main Test Series now detect the WannaCry malware samples by means of signatures, but we decided to find out which of these programs would have blocked the malware sample (not the exploit) proactively, i.e. before the the outbreak started and the malware samples became known.
Introducing AV-Comparatives’ Malware Protection Test
The Malware Protection Test is an enhancement of the File Detection Test which we performed in previous years. It assesses a security program’s ability to protect a system against infection by malicious files; what is unique about this test is that in addition to checking detection in scans, it additionally assesses each program’s last line of defence. Any samples that have not been detected e.g. on-access are executed on the test system, with Internet/cloud access available, to allow features such as behavioural protection to come into play.