sman

Honorary Members
  • Posts

    2,274
  • Joined

  • Last visited

  • Days Won

    5

Everything posted by sman

  1. sman

    Host files

    source : http://www.hongkiat.com/blog/blocking-ads-in-android/
  2. https://www.tripwire.com/state-of-security/latest-security-news/attackers-seized-brazilian-banks-every-domain-infect-visitors-malware/
  3. It's not about HP alone; PCs of other makers which have an audio driver supplied by Conexant are at risk, too.
  4. But if it's to do with sticking to XP, why haven't the reports/articles referred to said so??.. Would like to see the blocking of these exploit kits, to see the effectiveness.. It is not that exploit tools are not embraced by AVs.. Norton, Eset etc. come with exploit protection too (which caused compatibility issues during MBAE testing phase)..
  5. Certainly 'Central Banks' all around would have a Cyber protection policy which member Banks ought to comply with and whether the Banks hit are due to non-compliance of Central Bank policies?..
  6. But protection compromise would only be invitation for more trouble, as businesses are bound to suffer what with client compensation that could cripple them and here in this threat scenario, it's not about ATMs but about Banking setups being hit..(which is the disturbing fact)..
  7. OMG.. https://arstechnica.com/security/2017/05/hp-laptops-covert-log-every-keystroke-researchers-warn/?utm_content=buffer20997&utm_medium=social&utm_source=facebook.com&utm_campaign=buffer
  8. It is all the more shocking & disturbing to know that many Banks (which would not be slack in their security/protection) are hit..
  9. If existing tools can mitigate the risks, why so much outcry by the security experts (even Kaspersky, Symantec etc.) on this?.. why endpoint protection is said to be found wanting and the rise in infection of banks/financial crimes as per

    https://arstechnica.com/security/2017/02/a-rash-of-invisible-fileless-malware-is-infecting-banks-around-the-globe/

    https://threatpost.com/hard-target-fileless-malware/125054/

    When it comes to attribution, a number of threat actors’ names are commonly associated with these types of attacks. Cybercriminal and nation-state operations such as Carbanak, Duqu and FIN7 have each been suspected in memory-based malware attacks.

    Last month, researchers at Morphisec released a report stating FIN7 was behind several recent incidents. One was a high-profile attack that used fileless malware targeting professionals affiliated with United States Securities and Exchange Commission filings. Kaspersky Lab said attackers who targeted 140 banks and enterprises were likely connected to the GCMAN and Carbanak groups.

    But, Epstein said, a wide range of less organized and less sophisticated threat actors are now leveraging fileless malware attacks.

    Mitigation against these threats will take new tools and a shift in end-user awareness, Brumaghin said. For starters, security experts say disabling the use of PowerShell on networks is a good start. They also recommend monitoring more closely outbound traffic and tracing it back to applications making those requests. If Windows Notepad or Calculator are making network connections, you might have a problem, experts say.

    “From the malware author side, we are expecting to see more advanced attacks,” said Mordechai Guri, chief security officer at Morphisec. “We will see more advanced obfuscation, polymorphism and injection techniques, that evade such a potential monitoring and detection.”
  10. Nice to know that the threats are in MB's radar.. But why all the noise?..
  11. Here is a rather disturbing report

    http://www.darkreading.com/vulnerabilities---threats/fileless-malware-takes-2016-by-storm/d/d-id/1327796

    https://www.carbonblack.com/2017/02/10/non-malware-fileless-attack/
  12. But it is said, they are difficult to detect, hence the very name causes uneasiness and pushes traditional AV detection to oblivion?
  13. Is it another form of exploit??..
  14. https://zeltser.com/fileless-malware-beyond-buzzword/

    Gartner used the term “non-malware attack” in a 2017 report that highlighted Carbon Black. However, another Gartner report published a month later used “fileless attacks” instead.

    Why Does It Matter?

    I like the idea of saying “non-malware attacks” for incidents that rely solely on legitimate system administration tools and other non-malicious software. This is the scenario that some people describe as living-off-the-land. In contrast, I might prefer to say “memory-only malware” if I need to point out that malicious code is never saved to disk, perhaps because it was injected into another process. I’m even OK with saying “fileless malware” when bringing focus on persistence mechanisms that avoid placing traditional executables on the file system.

    Unfortunately, nowadays the terminology has been commingled, and we’re probably stuck with the term “fileless malware” to describe the various scenarios outlined above, despite the term’s ambiguity. Alas, human language is imprecise and always-evolving. (If we all spoke C#, perhaps the world would be a better place.)

    I care about this terminology because I’m trying to avoid buzzwords and empty phrases when describing the capabilities of the anti-malware product for which I’m responsible at Minerva. It runs alongside other endpoint security tools and blocks all sorts of sneaky malware, regardless whether its payload touches disk. I’m often asked how we handle fileless malware; I decided to perform the research above to better understand how and when I should use this term.

    https://www.minerva-labs.com/
  15. sman

    updates

    MS had/has to keep updating its versions regularly and does it mean it's bad?.. Software will keep evolving with usage and updates are a part of it..
  16. https://en.wikipedia.org/wiki/You_Light_Up_My_Life_(song)
  17. https://www.redbull.tv/tv http://www.folx.tv/player/play.html
  18. http://www.capitalfm.com/tv/ now in True Movies.. (watched few days back "Merry In-laws" good movie)..
  19. What a voice (reminds of 'Backstreet' in solo)..