3/21/2023

Ccleaner cloud portal

Cisco Inks Video Delivery Deal With Viacom (Light Reading). CEO Chuck Robbins is expected to be named chairman at the shareholder meeting in December.

The John Chambers Era Is Ending at Cisco (Light Reading): Cisco Chairman John Chambers announced this week that he will not seek re-election.

Here are the headlines we’re reading this week: A busy week for that company and the others below. And Cisco researchers found that the CCleaner malware was targeting at least 18 tech companies. The networking giant also announced a partnership with Viacom.

Even your trusty broom needs a good cleaning occasionally. This week’s top story picks from the Kentik team.

McAfee Advanced Threat Defense swept up the unwanted files and cleaned house. This is where advanced malware detection capabilities demonstrate their true value. Through the exploitation of this trust-based relationship between the application and users, attackers could successfully utilize a method to infiltrate and potentially compromise victim machines. These include embedded and dropped content, file operations, and network activity.

CCleaner has historically been a reliable tool in sweeping up and cleaning a machine’s unwanted temporary files and invalid Windows registry entries. As seen from the screenshot provided in the report, the application’s functionality can be triggered and monitored in an isolated environment to prevent any propagation of the threat.

Additionally, other behavioral awareness indicators can be observed through the report, providing a more thorough analysis and confident assessment of the intent of the application. In addition to simply installing, executing, and running the application, the user can perform tasks in CCleaner to emulate real world behavior to reveal any evasive and latent code.
X-mode allows the ATD user to interact with the program while it’s running isolated within the virtual analysis environment. Also, there is an action that describes the intent of the file to behave as ransomware would. Looking at the Dynamic Analysis, it’s apparent that the application was attempting to download content from a suspicious webserver.

So exactly what behavior was exhibited as malicious and tagged with such a high severity? As stated earlier, attackers have exploited the trust between the update mechanism in the application with the web servers from which the updates are pulled. Looking at the Threat Analysis Report generated after the application was analyzed, compelling evidence can be observed on the true intent of the application.

ATD provides manual investigation by allowing the user an interactive window, or X-mode, into the VM which detonates the sample for analysis. Without the requirement of amending a blacklist or a DAT update, ATD could detect malicious behavior in the latest version of 5.34 of CCleaner. Luckily those with McAfee defenses including McAfee Advanced Threat Defense (ATD), the advanced sandbox, could thwart the obfuscated malicious activity within the ever trusted CCleaner.

Taking a quick glimpse at VirusTotal, it’s apparent that most endpoint vendors have not caught on to the compromised application. By exploiting the trust relationship established between this commonly known good application, attackers can tap into the inherited trusted web servers which host and distribute updates. This is an atypical scenario as CCleaner has been a trusted application by users.

With an estimated installation base of 2.27 million, which highlights the pervasiveness of the application and the potential customers who could be susceptible to a breach, this could bloom into a widespread issue. Hackers utilized a backdoor vulnerability through the software’s updating system into the application.

On Monday, security researchers in Cisco’s Talos division revealed that the ever popular, free computer clean up tool CCleaner had been compromised for at least the past month.