Symantec Archives

Tech Optimizer

June 1, 2025

Bitdefender vs. Norton: Which Antivirus Titan Reigns Supreme for Your Digital Safety?

Bitdefender was established in 1996 and rebranded in 2001, becoming the most popular mobile antivirus in North and South America in 2022. Norton was founded in 1982 and became well-known after Symantec's acquisition. Bitdefender achieves over 98% detection rates online and offline, with five false positives in tests, while Norton exceeds 99% online and 97% offline but has a higher false positive rate. Bitdefender offers a configurable firewall in its Total Security package, while Norton provides a customizable firewall across all products. Bitdefender lacks identity theft protection in its core offerings but offers a separate service, while Norton includes comprehensive identity theft protection in its highest tier. Bitdefender includes a VPN with a 200MB daily cap, while Norton offers an unlimited VPN in most tiers. Bitdefender features an integrated password manager without two-factor authentication, while Norton allows credential sharing and has standalone options. Bitdefender provides basic parental controls, while Norton includes additional features like GPS tracking. Bitdefender enhances its packages with a file shredder and vulnerability scanner, while Norton offers SafeCam and Dark Web Monitoring. Bitdefender is known for resource efficiency, receiving awards for performance, while Norton also received recognition for its performance. Bitdefender has an easy-to-navigate interface, while Norton has a more complex interface. In AV-Comparatives tests, Bitdefender slightly surpassed Norton in offline detection and online protection rates. Bitdefender pricing starts at approximately .99/year for one device, while Norton starts at .99/year for one device as well.

Winsage

May 8, 2025

Windows 0-Day Vulnerability Exploited in Wild to Deploy Play ransomware

Threat actors associated with the Play ransomware operation exploited a zero-day vulnerability in Microsoft Windows, identified as CVE-2025-29824, before a patch was released on April 8, 2025. This vulnerability affects the Windows Common Log File System (CLFS) driver, allowing attackers to elevate their privileges to full system access. The Play ransomware group targeted an unnamed organization in the United States, likely gaining initial access through a public-facing Cisco Adaptive Security Appliance (ASA). During this intrusion, no ransomware payload was deployed; instead, the attackers used a custom information-stealing tool named Grixba. Microsoft attributed this activity to the threat group Storm-2460, known for deploying PipeMagic malware. The exploitation affected various sectors, including IT, real estate in the U.S., finance in Venezuela, software in Spain, and retail in Saudi Arabia. The vulnerability received a CVSS score of 7.8 and was addressed in Microsoft's April 2025 Patch Tuesday updates. The attack involved creating files in the path C:ProgramDataSkyPDF, injecting a DLL into the winlogon.exe process, extracting credentials from LSASS memory, creating new administrator users, and establishing persistence. The Play ransomware group has been active since June 2022 and employs double-extortion tactics. Organizations are urged to apply the security updates released on April 8, 2025, especially for vulnerable Windows versions, while Windows 11 version 24H2 is not affected due to existing security mitigations.

Winsage

May 7, 2025

Play ransomware affiliate leveraged zero-day to deploy malware

The Play ransomware gang exploited a critical vulnerability in the Windows Common Log File System, identified as CVE-2025-29824, which has a CVSS score of 7.8 and is categorized as a "Use after free" vulnerability. This flaw allows an authorized attacker to elevate privileges locally and has been confirmed to be exploited in real-world attacks. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added it to its Known Exploited Vulnerabilities catalog in April. Microsoft addressed this vulnerability during its April Patch Tuesday security updates, acknowledging its exploitation in limited attacks targeting various sectors in the U.S. and Saudi Arabia. Researchers from Symantec reported that the Play ransomware gang used the CVE-2025-29824 exploit in an attack against a U.S. organization before the public disclosure and patching of the vulnerability. The attackers utilized the Grixba infostealer tool and initially exploited a public-facing Cisco ASA firewall to gain entry. They deployed tools to gather information, escalated privileges using the CVE-2025-29824 exploit, and executed malicious scripts to steal credentials. The exploit took advantage of race conditions in driver memory handling, allowing kernel access and manipulation of files. Before the patch was released, the exploit was reportedly used by multiple threat actors, and Microsoft linked it to other malware.

Winsage

May 7, 2025

Play ransomware exploited Windows logging flaw in zero-day attacks

The Play ransomware gang exploited a critical vulnerability in the Windows Common Log File System, identified as CVE-2025-29824, to execute zero-day attacks, gaining SYSTEM privileges and deploying malware. Microsoft recognized this flaw and issued a patch during last month's Patch Tuesday. The gang targeted sectors including IT and real estate in the U.S., the financial sector in Venezuela, a Spanish software company, and retail in Saudi Arabia. They used the PipeMagic backdoor malware to deploy the CVE-2025-29824 exploit and install ransomware payloads. Symantec's Threat Hunter Team linked these activities to the Play ransomware-as-a-service operation, noting the use of the Grixba infostealer tool. The Play ransomware group, active since at least June 2022, employs double-extortion tactics and has compromised approximately 300 organizations globally as of October 2023. Notable victims include Rackspace, Arnold Clark, the City of Oakland, Dallas County, Antwerp, and Microchip Technology.

Tech Optimizer

March 23, 2025

New Report Antivirus software Market to Reach New Heights by 2034

The global antivirus software market is projected to grow from approximately USD 4.5 billion in 2024 to around USD 9.2 billion by 2034, reflecting a compound annual growth rate (CAGR) of about 6.7% from 2025 to 2034. The market is analyzed by various criteria, including type (standalone, integrated, cloud-based), device (computers, tablets, smartphones, servers), operating system (Windows, macOS, Android, iOS, Linux), and end user (individual, enterprise, government). Key players in the industry include Symantec Corporation, McAfee Inc., Kaspersky Lab, Trend Micro Inc., Avast Software s.r.o., Bitdefender, ESET, Sophos, F-Secure, Panda Security, Microsoft Corporation, NortonLifeLock Inc., Check Point Software Technologies, CrowdStrike Holdings, Inc., SentinelOne, Cylance Inc., Malwarebytes, Qihoo 360 Technology Co. Ltd., and AhnLab Inc. The report also provides regional analysis for North America, Europe, Asia-Pacific, South America, and the Middle East and Africa.

Tech Optimizer

February 5, 2025

Avast Antivirus Statistics and Facts (2025)

Avast's global revenue for 2024 is projected to reach USD 950 million, with a growth rate of 4% compared to the previous year. The company has over 435 million active users globally, with 60% of its revenue coming from Europe and North America. Avast controls 6.5% of the global antivirus market and ranks among the top five providers in the cybersecurity industry. Its VPN services, using AES-256-bit encryption, saw a 12% increase in subscriptions. Additionally, 80% of Avast's products integrate AI and machine learning, and mobile security products account for 20% of its total revenue. Avast has raised USD 100 million in funding, bringing its valuation to USD 2,865.9 million, and partnerships with major tech companies contribute 10% of its total revenue. The company employs more than 1,800 individuals and has around 9 million weekly active users. Avast prevents nearly 1.5 billion attacks each month and has users in 59 countries. A total of 859 companies utilize Avast for organizational cybersecurity solutions, and the software is available in 45 different languages. Avast offers a 30-day free trial and has a highly accurate antivirus solution, with a 94.2% offline detection rate and a 99.5% online detection rate. Avast is compatible with Windows, macOS, Android, and iOS, and provides a 30-day money-back guarantee. The software features include real-time protection, Wi-Fi Inspector, CyberCapture, and email shield. Paid plans range from INR 4,144.79 (USD 49.99) to INR 6,632.17 (USD 79.99) per year. In Q1 2024, social engineering attacks were identified as the biggest threat, with scams increasing by 61% on mobile and 23% on desktop. Avast's global risk ratio was 31%, with a total of 3.52 billion blocked attacks. The company secured the fourth position in the antivirus market, with 8% paid users and 18% free users. As of July 2024, avast.com had 14.1 million visits, with the United States contributing 20.1% of the traffic. Male users made up 62.93% of visitors, and the highest percentage of users were aged 25 to 34. Organic search generated the highest traffic rate, accounting for 45.9%, while YouTube was the leading source of social media referrals.

Tech Optimizer

February 5, 2025

Avast Antivirus Statistics and Facts (2025)

Avast has a user base exceeding 435 million globally and employs over 1,800 individuals. The company’s projected global revenue for 2024 is USD 950 million, with approximately 60% generated from Europe and North America. Avast commands 6.5% of the global antivirus market and has raised USD 100 million in funding, elevating its valuation to USD 2,865.9 million. The software prevents nearly 1.5 billion attacks each month and operates in 59 countries. It is available in 45 languages and competes with brands like Symantec and McAfee. Avast's antivirus solution has a 94.2% offline detection rate and a 99.5% online detection rate. Paid plans range from INR 4,144.79 (USD 49.99) to INR 6,632.17 (USD 79.99) annually. In Q1 2024, Avast blocked 3.52 billion attacks, with social engineering attacks being the predominant threat. The website avast.com recorded 14.1 million visits in July 2024, with the United States accounting for 20.1% of total traffic. Organic search generated 45.9% of total visits, and YouTube was the leading social media referral source.

Tech Optimizer

November 20, 2024

Pc Antivirus Software Market Poised for Explosive Growth, Reaching USD 42.47 Billion by 2032

The PC Antivirus Software Market is projected to grow from billion in 2024 to billion by 2032, with a compound annual growth rate (CAGR) of approximately 6.68%. The market is segmented into home users, small businesses, and large enterprises, with North America currently leading. Key players include Kaspersky, Symantec, Malwarebytes, VIPRE Security Group, McAfee, Trend Micro, Bitdefender, FSecure, Panda Security, and ZoneAlarm. Recent innovations involve machine learning and cloud-based threat analysis, while the demand is driven by increased cyberattacks and digital work environments. The Asia-Pacific region is experiencing rapid growth due to increased internet penetration and a focus on cybersecurity.

Winsage

November 17, 2024

7 built-in Windows games I miss the most

- Solitaire was introduced in Windows 3.0 in 1990 and became a staple for users until Windows 7. - Chess Titans was part of the 3D games suite introduced with Windows Vista, known for its visuals and smooth animations. - Minesweeper debuted with Windows 3.1 in 1992 and became a cultural icon due to its minimalist design and addictive gameplay. - SkiFree was included in the Microsoft Entertainment Pack and featured a humorous skiing premise. - Smart Dots was part of the Symantec Game Pack, focusing on creating boxes on a grid of dots. - Hangman was another game from the Symantec Game Pack, a word-guessing game popular among friends and family. - 3D Pinball for Windows - Space Cadet was originally part of Full Tilt! Pinball and included in several Windows versions, known for its engaging gameplay and soundtrack.