[OPLIN 4cast] OPLIN 4cast #499: Anti antivirus

OPLIN Support support at oplin.ohio.gov
Wed Jul 20 10:30:06 EDT 2016 

 OPLIN 4Cast
Email not displaying correctly? View it in your browser.
<http://www.oplin.org/4cast/>
[image: OPLIN 4Cast]

OPLIN 4cast #499: Anti antivirus
July 20th, 2016

[image: virus alert] Licenses for antivirus software have been part of most
libraries’ annual IT expenditures for decades now. The internet is a
dangerous place, as we all know, so why would you not want to protect your
public computers? All of a sudden, however, the value of antivirus software
seems to be questioned from several different directions. Is it possible
that antivirus software could actually make your computers more vulnerable
in some cases? (If you are using antivirus software, make sure you keep
applying all patches and upgrades as soon as possible.)
- Intel thinks “Antivirus is s#!+” and dumps useless McAfee
<https://blog.knowbe4.com/cyberheistnews-vol-6-27-intel-thinks-antivirus-is-s-and-dumps-useless-mcafee>
(KnowBe4 Cyberheist News | Stu Sjouwerman) “Antivirus is getting
increasingly useless these days. Ransomware attacks in many cases sail
right through all the filters because they rely on social engineering the
end-user and contain no malware in either the body or the attachment. The
bad guys can easily find the email addresses of your users, called your
‘phishing attack surface’.”
- How to compromise the enterprise endpoint
<http://googleprojectzero.blogspot.ca/2016/06/how-to-compromise-enterprise-endpoint.html>
(Google Project Zero blog | Tavis Ormandy) “Today we’re publishing details
of multiple critical vulnerabilities that we discovered, including many
wormable remote code execution flaws. These vulnerabilities are as bad as
it gets. They don’t require any user interaction, they affect the default
configuration, and the software runs at the highest privilege levels
possible. In certain cases on Windows, vulnerable code is even loaded into
the kernel, resulting in remote kernel memory corruption. As Symantec use
the same core engine across their entire product line, all Symantec and
Norton branded antivirus products are affected by these vulnerabilities.”
- Alert (TA16-187A): Symantec and Norton Security products contain critical
vulnerabilities <https://www.us-cert.gov/ncas/alerts/TA16-187A> (United
States Computer Emergerncy Readiness Team) “The large number of products
affected (24 products), across multiple platforms (OSX, Windows, and
Linux), and the severity of these vulnerabilities (remote code execution at
root or SYSTEM privilege) make this a very serious event. A remote,
unauthenticated attacker may be able to run arbitrary code at root or
SYSTEM privileges by taking advantage of these vulnerabilities. Some of the
vulnerabilities require no user interaction and are network-aware, which
could result in a wormable-event.”
- Antivirus software is ‘increasingly useless’ and may make your computer
less safe <http://www.cbc.ca/news/technology/antivirus-software-1.3668746>
(CBC News | Emily Chung) “He [Concordia University professor Mohammad
Mannan] doesn’t use antivirus protection on his primary machines and hasn’t
for years, he said. ‘I don’t see any clear advantage of using them,’ he
wrote in a followup email, noting that they can slow your machine down and
introduce new vulnerabilities. Neither the vulnerabilities reported by
Mannan nor the Symantec vulnerabilities are known to have been exploited,
but that doesn’t mean they never have been.”

*Articles from Ohio Web Library <http://ohioweblibrary.org>:*

   - Data security and privacy: More than the IT department’s concern.
   <http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=cph&AN=110906827>
   (*Computer & Internet Lawyer*, Dec.2015, p.8-11 | Drake Mann,
   Christopher L. Travis and Don Lloyd Cook)
   - Trend Micro flaw could have allowed attacker to steal all your
   passwords.
   <http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=f5h&AN=112783049>
   (*PC World*, Feb.2016, p.54-55 | Jeremy Kirk)
   - Cyber extortion: The silent threat.
   <http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=cph&AN=113988265>
   (*Computer Weekly*, 3/8/2016, p.4-6 | Warwick Ashford)

------------------------------
The *OPLIN 4cast* is a weekly compilation of recent headlines, topics, and
trends that could impact public libraries. You can subscribe to it in a
variety of ways, such as:

   - *RSS feed.* You can receive the OPLIN 4cast via RSS feed by
   subscribing to the following URL:
   http://www.oplin.org/4cast/index.php/?feed=rss2.
   - *Live Bookmark.* If you're using the Firefox web browser, you can go
   to the 4cast website (http://www.oplin.org/4cast/) and click on the
   orange "radio wave" icon on the right side of the address bar. In Internet
   Explorer 7, click on the same icon to view or subscribe to the 4cast RSS
   feed.
   - *E-mail.* You can have the OPLIN 4cast delivered via e-mail (a'la
   OPLINlist and OPLINtech) by subscribing to the 4cast mailing list at
   http://lists.oplin.org/mailman/listinfo/OPLIN4cast.

© 2016 Ohio Public Library Information Network
[image: Find us on Slideshare] <http://www.slideshare.net/oplin>  [image:
Find us on Facebook] <http://www.facebook.com/oplin.org>  [image: Find us
on Google+] <https://plus.google.com/107751358238995507967>  [image: Find
us on Twitter] <http://www.twitter.com/oplin>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplin4cast/attachments/20160720/fec72c70/attachment.html>

More information about the OPLIN4cast mailing list