Cylance Protect AV vulnerability patched

MegaCortex variant redesigned a self-executing, incorporates features of previous version
August 7, 2019
Kern County suffers data breach compromising over 15000 employees’ personal information
August 8, 2019
Show all
0

Cylance Protect AV vulnerability patched

Published by securityforumadmin at
Categories
Tags

Carnegie Mellon Software Engineering Institute’s CERT Coordination Center is issued patch for a recently disclosed vulnerability in Cylance Protect.

The vulnerability note, VU#489481, said that prior to a July 21, 2019, update Protect contained flaws that allow an adversary to craft malicious files that the AV product would likely mistake for simply being benign files. Security researchers found that this was done by isolating specific properties in the machine learning algorithm allowed them to change most known malicious files.

“Several common malware families, such as Dridex, Gh0stRAT, and Zeus, were reported as successfully modified to bypass the Cylance product in this way. The success rate of the bypass is reported as approximately 85 percent of malicious files tested,” the note said.

Cylance has deployed a patch fixing the problem and any systems that have connected to the service since July 21 have been updated.

securityforumadmin
securityforumadmin

Related posts

May 19, 2020

SOPHOS ALERT: Change your XG Firewall admin password (KBA135412)

Read more
August 9, 2019

​State Farm customer accounts breached in credential stuffing attack

Read more
August 8, 2019

Data Breach Reminds: Configuration Is Key

Read more

Leave a Reply

Your email address will not be published. Required fields are marked *