Security firm Webroot drops a clanger when it declared Windows was malicious and borked customers’ PCs, millennials are streaming a lot of movies illegally, and blackmailers are targeting members of the Ashley Madison cheating site again.
All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by special guest Michael Hucks from PC Matic.
Smashing Security #018: 'Windows is a virus. True or False?'
Listen on Apple Podcasts | Spotify | Pocket Casts | Other... | RSS
More episodes...
Show notes:
- Webroot antivirus goes bananas, starts trashing Windows system files – The Register.
- Webroot causes massive headaches after falsely flagging Windows files as malicious – Graham Cluley.
- Tweet by Webroot user Bob Ripley – @M5_Driver.
- W32.Trojan.Gen false positive – advice for home users – Webroot.
- W32.Trojan.Gen false positive – advice for business users – Webroot.
- Most millennials regularly stream pirated content, survey finds – Torrent Freak.
- Malware, data theft, and scams: researchers expose risks of free livestreaming websites – Ku Leuven.
- File sharer hit with $675,000 fine – Digital Trends.
- Ashley Madison blackmail roars back to life – ZDNet.
This episode of Smashing Security is made possible by the generous support of Recorded Future – the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.
Sign up for free daily threat intelligence updates at recordedfuture.com/intel.
Thanks to Recorded Future for their support.
Hope you enjoy the show, and tell us what you think. You can follow the Smashing Security team on Bluesky.
Remember: Subscribe on iTunes to catch all of the episodes as they go live. Thanks for listening!
I hadn't known about the Great Sophos Disaster.
How did they recover from a situation where they can't push out an update? And how did they fail to scan their own software?
Because of the scanning method that DSAV-Findvirus used (single point), I don't think we ever had a false alarm.
Here is how The Register reported the Sophos foul-up: https://www.theregister.co.uk/2012/09/20/sophos_auto_immune_update_chaos/
If I recall correctly, the first fix was a manual one – on every computer that had had its Sophos Anti-Virus update feature borked by umm.. Sophos Anti-Virus.
Later there might have been a tool produced that could be rolled out across the network as users logged in, but that's lost in the mists of time for me.
Regarding "how did they fail to scan their own software"? My understanding is that the false detection was spotted during testing…. and then human error meant that someone overrode the warning and pushed out the update anyway…
But it's five or so years ago now, so that may not be right.
I seem to recall there may have been occasional false alarms (but nothing like what McAfee and others suffered from) when it came to file compressors, Dmitry's heuristics, etc. But they were pretty rare. David Emm probably remembers better than me.
BTW, it's 20 years since we put out this press release. Time files…
http://www.prnewswire.co.uk/news-releases/mcafee-pleads-with-dr-solomons-to-reduce-virus-detection-rate-156451045.html