Anti-virus
Anti-virus software consists of computer programs that attempt to identify, thwart and eliminate computer viruses and other malicious software (malware).
Anti-virus software typically uses two different techniques to accomplish this:
- Examining (scanning) files to look for known viruses matching definitions in a virus dictionary
- Identifying suspicious behavior from any computer program which might indicate infection. Such analysis may include data captures, port monitoring and other methods.
Most commercial anti-virus software uses both of these approaches, with an emphasis on the virus dictionary approach.
Historically, the term anti-virus has also been used for benign computer viruses that spread and combated malicious viruses. This was common on the Amiga computer platform.
Definitions provided by Wikipedia - The Free Encyclopedia
Anti-virus Related Products
The GB-Ware is a software firewall powered by GNAT Box System Software certified to ICSA 4.0 Corporate criteria. The GNAT Box System Software was designed from the ground up as an integrated firewall system with interoperability of features, easy installation and remote management. We supply the OS and firewall software - you supply the hardware.
The ProxyAV 400 Series is a purpose-built solution designed for quick integration with ProxySG 800 for deployment in medium enterprise or distributed environments. It provides scalable performance with a choice of antivirus engines from Sophos and McAfee.
The GB-3000 Gigabit Firewall UTM Appliance is Global Technology Associates' flagship appliance. It offers the highest throughput and most comprehensive feature set in GTA's product line. The GB-3000 provides powerful network security and strong performance by delivering world-class protection and gateway threat management capabilities in a single dedicated appliance.
The Blue Coat SG810 Series represents the ultimate in a 1U rackmount proxy appliance platform. The 810 series is purpose-built, providing flexible control with wire-speed performance with up to 4GB of memory and 1.2TB of disk capacity. Utilizing a custom, object-based OS with integrated caching for performance, organizations can advise, coach and enforce granular policies down to individual users.
The Blue Coat AV510 Series is a purpose-built solution designed for simple integration with Blue Coat SG810 and SG510 series solutions for medium enterprise or distributed environments providing scalable performance with a choice of antivirus engines.
The Blue Coat AV810 Series represents the next generation in high-end appliance platforms for enterprise Web AV. The AV810 series is a purpose-built appliance designed for scalable, enterprise performance, enterprise manageability, and factory-built integration with the Blue Coat SG
With the same protection and acceleration features found in Blue Coat's enterprise-grade SG8100 Series platform, the Blue Coat SG510 offers an affordable rack-mountable appliance solution for small enterprises and branch offices which have direct access to the Internet.
Websense Express provides the industry's leading content filtering and Internet security capabilities in a simple and affordable solution. It allows organisations under 1000 users to quickly and easily protect their employees from Internet risks by controlling access to inappropriate content and proactively blocking security threats before they have a chance to infect their systems.
The award-winning M86 Secure Web Gateway (M86 SWG) is a proactive, appliance-based solution that provides real-time Web security, increases productivity, ensures compliance and controls bandwidth. Using patented real-time malware detection technology, URL filtering and anti-virus scanning, the M86 SWG protects organisations from crimeware, malware and other threats associated with Web 2.0 applications.
The Blue Coat ProxySG 210 provides an affordable appliance solution for remote offices where direct Internet access requires accelerated performance of business applications and granular control of web communications. At the edge of an organization’s application delivery infrastructure, the ProxySG 210 provides controlled acceleration of business applications across the globally-distributed enterprise.
The GB-2500 Gigabit Firewall UTM Appliance is one of GTA's most capable firewall UTM appliances. Designed for businesses with substantial network demands, the GB-2500 features a powerful Intel Dual-Core processor, two gigabytes of RAM and four gigabytes of static memory.
The GB-2100 Gigabit Firewall UTM Appliance provides powerful, comprehensive protection and network reliability for organisations of all sizes. The GB-2100 Firewall UTM Appliance is designed for organisations that desire a single, dedicated firewall appliance to handle complex network environments and protect their businesses from outside exploits.
Specifically designed for smaller offices, the GB-820 Gigabit Firewall UTM Appliance provides gigabit performance with all the features and tools available in larger appliances, but in a space-saving desktop unit and with a budget-friendly cost.
Anti-virus Related Product Families
Trusted by 100 million users and endorsed by industry analysts as a leader, Sophos provides a full range of endpoint, encryption, email, web and NAC solutions that are simple to deploy, manage and use.
Anti-virus Related Industry News
Klez is the worst virus in the world. Ever...
Most prolific rate of infection of all time...
The Klez worm has now overtaken SirCam as the most prolific virus of all time, according to anti-virus firm MessageLabs.
MessageLabs registered 776,725 instances of the Klez H-variant as of 11:00(BST) this morning - 14,000 more than the SirCam worm which has been plaguing networks since July last year.
The H-variant of Klez was first discovered just one month ago.
While neither SirCam nor Klez c......
US cybersecurity plan is revealed
The White House is urging consumers and companies to tighten up their computer security.
A draft version of a widely anticipated cybersecurity plan due to be released by the Bush administration on 18 September will reveal how the US Government intends to improve net security problems.
Early versions of the report stepped back from imposing regulations on net users and instead made a series of recommendations that it hoped all businesses and individuals w......
Net firms face constant attack
Tuesday and Friday are the most popular days for releasing viruses and launching attacks against net using companies.
The preference of net vandals is revealed in a report by Symantec on the state of net security.
It reveals the sustained assault every company connected to the web constantly undergoes.
It also shows that most attacks are being made with just a few pernicious programs.
Crack attack
The report shows that, on average, every net-conn......
Spam virus 'hijacks' computers
Spammers are sending out viruses that take over people's computers and turn them into junk mail machines, say experts. It is a worrying new development in the ongoing war against spam and could see a huge rise in the amount of unsolicited messages in inboxes worldwide.
In a worst case scenario, it could overwhelm the entire internet system, warn experts.
UK spam filtering firm MessageLabs has found what it believes is the first example of a virus that has be......
Growing fears over net threat
An upsurge of hacker activity on the internet is causing alarm among computer experts. "An internet-wide increase in scanning for vulnerable computers over the past several days reinforces the urgency for updating affected systems," said the US Department of Homeland Security.
It warned that the flaw in Windows could soon be used by a computer virus to disrupt traffic on the net and potentially affect millions of machines worldwide.
Free fix
The vulnera......
Security spending to hit $13.5bn by 2006
Global revenues in enterprise security technology are predicted to reach $13.5 billion by 2006, up from $7.1 billion in 2002 last year. Intrusion protection, vulnerability assessment technology and security management tools are tipped to be key revenue generators in a new report by market watcher Datamonitor called Enterprise Security Product Markets.
While North America will remain the largest market, predicted to reach $6.9 billion in 2006, Latin A......
Spam fuels boom in secure content market
Junk mail is an increasing problem but the search for an effective cure remains fraught with difficulties. That's the message we take from a slew of recent surveys on the subject.
Market watcher IDC predicts that anti-spam products will be a key driver for the secure content management (SCM) software market which it expects to grow by 19 per cent a year to reach $6.4 billion in 2007.
"Virus infection is still the main concern regarding corporate......
Security Software Still Going Strong in Western Europe
The Western European market for IT security software remains buoyant, according to a report just released by IDC. The report, entitled 'Western European Security Software Forecast and Competitive Vendor Shares, 2002/2007,' says that, during 2002, sales for security software in the region were $2 billion.
This year, the IT research firm predicts, the market will increase by around 15 per cent and, by 2007, it will have reached $4.5 billion......
Blaster variant could alter internet security tactics
"Good Samaritan" variant of last week's Blaster worm has sparked speculation that the worm could pave the way for a new breed of proactive security on the internet. But, in the meantime, users whose PCs have been infected with the variant have spent the past 48 hours frantically updating systems and vetting laptops. The variant searches for Windows 2000 and XP machines which have not been updated with the Microsoft patch needed to prevent Bla......
New computer virus hits inboxes
August is turning out to be a bumper month for Windows computer viruses. Sobig F and Welchi are putting a huge amount of strain on network traffic and are slowing corporate systems, security experts said.
Anti-virus firm MessageLabs said it had stopped nearly 307,000 copies of the virus since Tuesday and the BBC has received thousands of infected e-mails.
Confidence trick
The first version of Sobig appeared in June of this year but the newest F varian......
Virus poses as Microsoft update
A Windows virus masquerading as a security update from Microsoft is spreading via e-mail, warn experts. The worm, dubbed Swen or Gibe, comes as an e-mail attachment and exploits a two-year-old hole in Internet Explorer.
Nearly 35,000 copies of the worm in 82 countries have been reported by one security company, while another has classified it as a high risk.
Computer users are advised not to click on attachments in unknown e-mails and update their systems......
Sophos beats rivals in VeriTest analysis
Sophos Anti-Virus provides most frequent virus updates, fastest scanning speed and shortest installation time
Sophos, a world leader in anti-virus and anti-spam protection for businesses, today announced that in a competitive analysis of enterprise anti-virus applications conducted by VeriTest, a division of Lionbridge Technologies, Sophos Anti-Virus led competitor solutions in several key areas including most frequent virus updates in both manual and aut......
'Mydoom' worm strikes computers
A malicious new computer virus spread via e-mail is clogging networks and may allow unauthorised access to personal computers, experts warn. The worm, called Mydoom or Novarg, is carried as an e-mail attachment and sends itself out to new e-mail addresses once opened by the recipient.
The virus may also open a "back door" to the computer to give hackers access.
"As far as I can tell right now, it's pretty much everywhere on the planet," said one anti-virus......
Worms Hit Home
It's early in 2004 and Microsoft is sick with nearly 65,000 viruses, it's crawling with worms, and there are enough packaged trojans sitting around to wreak havoc on almost any virile computer. It would be nice for security professionals to afford a week off from the world of viruses, worms, trojans, and backdoors to enjoy a long overdue vacation, but we all know the malevolent attempts of the next major outbreak are just around the corner. The fact that each of us can only contr......
Slammer: One Year Later
Slammer exposed previously unknown interdependencies that were thought to be separate from the Internet, said Alan Paller, director of research at The SANS Institute. "People realized that all the things that we didn't think were connected to the Internet actually were," Paller said. Cash machines froze. Airlines and hospitals dusted off paper forms to schedule reservations and track patients. This was the scene on Jan. 25, 2003, shortly after the Slammer worm appeared and......
Bounty on creators of e-mail worm
The malicious e-mail worm, Mydoom, is still burrowing through global e-mail networks, but will plateau in the next two days, said security experts.
Carried in an e-mail attachment, it sends itself out to other e-mail addresses if opened, and may allow unauthorised access to computers.
Experts said it was designed to cripple software firm SCO's website, by flooding it with data on 1 February.
SCO said it was offering a $250,000 reward to find who was respo......
New version of computer virus found
Internet security experts yesterday found a new version of the Mydoom computer virus, dubbed the Mydoom.B, that evades detection measures for the original virus, Finland's F-Secure said.
"The new virus has been modified so that the original Mydoom anti-virus protection does not detect it," Mikko Hyppoenen, director of F-Secure's anti-virus division, said.
The Mydoom.B virus is designed to attack www.microsoft.com, the main website run by Microsoft Corp, as w......
Hacktivists behind MyDoom worm
Internet-based hacker-activists -- known as hacktivists -- seem to be behind the mass e-mailing this week of the MyDoom worm, which has commandeered consumers' computers around the globe to serve as a staging area for another, more potent attack on their primary, commercial target next month.
Computer experts told United Press International that MyDoom -- a self-replicating string of malicious computer code -- could turn out to be the most widespread worm of all tim......
Rampant E-Mail Virus Traced to Russia
MyDoom, the fastest-proliferating computer virus ever, has been traced to Russia
Using location-sensing software, Kaspersky Labs has traced the first e-mails infected with MyDoom back to addresses with Russian Internet providers.
"It's scary, but most serious viruses are written in Russia," said Denis Zenkov, spokesman for Kaspersky, the country's largest anti-virus software company.
Ever since it first appeared Monday night, the virus has managed to l......
E-mail virus a revenge of the nerds
It's the moment computer geeks around the globe have been awaiting
With the world's "greatest-ever computer virus attack" threatening to throw the internet into chaos tomorrow, the dotcom surgeons hold the key to solving the Mydoom riddle.
A rapidly-multiplying worm which broke out on Australia Day, the virus has crippled more than 500,000 machines worldwide, generating more than 100 million bogus e-mails.
So intense is the concern that internet giants t......
Major viruses - The Facts
The MyDoom Internet worm claimed its first scalp on Sunday, paralysing the Web site of American software firm SCO Group with a massive data blitz.
SCO is not alone. Microsoft Corp has been targeted by a second variant of MyDoom, dubbed MyDoom.B. That attack is timed to kickoff on Tuesday.
MyDoom, the latest worm to infect computers over the Internet, is the fastest-spreading attack since last summer's twin attacks by the Blaster worm and SoBig virus, computer sec......
Microsoft expected to escape Mydoom virus
Computer security experts are confident that Microsoft will escape unscathed from a viral attack set to be launched against it on Tuesday by a variant of the virulent Mydoom e-mail virus.
Experts said on Monday the variant virus, known as Mydoom.B, had not spread far enough to create a sufficiently large data blitz that could overwhelm the giant software maker's robust websites.
The original virus, known as Mydoom.A, was among the fastest spreadi......
Microsoft dodges Mydoom onslaught
Microsoft is likely to largely escape unscathed by an attack from a Mydoom virus variant due today
Security experts say the software giant's technical resources, bugs in Mydoom.B and the limited spread of the virus will cut damage to a minimum.
By contrast SCO's website has been unreachable for days thanks to the data barrage launched by the virus.
Anti-virus firms say the Mydoom outbreak seems to have peaked as infected PCs are found and cleaned up.......
MyDoom Author: "Sorry"
A variant of the virus has a cryptic message in which the author appears to apologize for creating the infection
The MyDoom variant that joined the original virus in wreaking havoc on the Internet last week contains a cryptic message in which the author appears to apologize for the malicious code, security experts say.
The creator of what anti-virus experts say is the fastest spreading virus ever on the Internet signed MyDoom and MyDoom.B with "andy," and left the follow......
Why you must install a firewall -- now
Anti-virus software won't protect you from the latest type of worm affecting Windows systems: you need a personal firewall. Here's why there's never been a better time to take this extra precaution
If you haven't already installed a personal firewall on your Windows computer, consider this your last warning. MSBlast, the worm that exploited the buffer overflow in Windows' DCOM RPC protocol, wasn't the sort of email-borne pest that anti-virus software is goo......
PayPal virus writing scammer pleads guilty
A Minnesota man who tried to defraud PayPal customers through a phishing scam has pleaded guilty to wire fraud
Alec Scott Papierniak, 20, of Mankato in Minnesota, also admitted using viral code to further his fraudulent activities at an appearance in a federal court in San Jose on Tuesday.
Papierniak was able to siphon money from online accounts after he tricked users into handing over their user names and passwords via bogus security alerts. These......
Clueless office workers help spread computer viruses
Busy or apathetic employees are accelerating the spread of viruses and potentially costing UK businesses millions in clean-up charges, according to a survey out today
Two-thirds of the 1,000 people quizzed by market researchers TNS in January admit they are not aware of even the most basic virus prevention measures. Meanwhile a third of those polled in the Novell-sponsored study said they are too busy to check their emails before opening them.......
Symantec warns users of new variant of Melissa virus
Researchers at the Symantec AntiVirus Research Center are warning computer users of Melissa.W, a variant of the damaging Melissa virus that uses Microsoft Outlook to e-mail itself as an attachment.
Characteristics of Infection
Melissa.W is a macro virus that has worm capabilities. It spreads via email with the subject line displaying "Important Message From (user name)." and text which reads "Here is that document you asked for ... don't sho......
'Protect PCs' Microsoft users told
Security experts have warned PC users running Microsoft Windows to make sure their anti-virus software is updated
It comes after Microsoft earlier said that a critical flaw in its latest versions of Windows operating systems could leave PCs vulnerable to hackers.
It has urged home users and firms to download the free software repair patch from its website to fix it.
If users do not download the patch, and protect their computers, they could be left open......
Valentine virus warms up for love byte
Indian hackers prepare to go one up on hawks and spoil the party worldwide
Lovebirds, you had better watch out. If you receive an e-mail this Saturday that says “HappyValentine” or “Bmyvalentine2day” or any phrase that has the word “Valentine” in it, stay on your guard: it may not be that long-awaited missive from your beau but a virus designed to wreck your computer’s innards.
A group of hackers in India is preparing to unleash an attack that will hit c......
"MyDoom-D" worm poses no problem for Sophos users
Sophos virus experts have reassured customers that they are already protected against the worm some anti-virus vendors are calling "MyDoom-D".
Sophos products can detect "MyDoom-D" using the W32/MyDoom-A update released on 27 January. MyDoom-D is only marginally different from the original MyDoom worm, replacing the text "Mail transaction failed" with "ROFL HELLO SAM HOWS UPZ".
"Some anti-virus vendors have had to release updates to prot......
UK workers 'virus-blind'
The average UK worker is too busy or too complacent to watch out for and cope with viruses, according to research from Novell
They either claim they don't have time to worry about checking each email before they open it, or they don't see any reason to bother.
It's alarming, but not all that surprising. For years, security firms have warned that users sticking passwords on sticky notes by their computers are creating a security hazard. Walk through any office and you......
Virus writers undone by need for publicity
Thank God for good old fashioned pride...
Another virus writer has been arrested - this time in Belgium, and while we're loath to publicise the individual any further, the question of publicity is an interesting one.
A long running - and very public spat - appears finally to have come to an end after a virus writer going by the name of Gigabyte was arrested and charged with computer data sabotage. Gigabyte's motivation has always appeared t......
F-Secure Antivirus Sales Record High During The Last Quarter of 2003
F-Secure reported revenues of 10.8 million euros for the 4th quarter of 2003 and 39.0m for the full year. The operating result was EUR 1.3 million positive for the fourth quarter. For the full year of 2003 the operating result was EUR 1.5 million positive and Profit Before Tax 4.3 m positive. The antivirus sales were record high and revenues increased by 40% in Q4 and by 21% in 2003. The good progress was due to positive develo......
Cheesy new Bagle virus has little bite
Yet another new Internet mass-mailer worm was reported spreading in the wild on Tuesday, Bagle.B, also known as Tanx-A, and dubbed by some as Goldfinger (because it saves itself as a file au.exe, and au is the periodic symbol for gold).
It’s not another Mydoom however, although like it, it does have a remote access component. Network Associates’ McAfee AVERT anti-virus research division raised its risk assessment of Bagle.B, but only to Medium, whereas M......
'Gamer's virus' aims to hit users
A miserable month for Microsoft is continuing with warnings about yet another Windows worm. Anti-virus companies have issued alerts about Bagle.B that is starting to appear in large numbers.
Like many other recent viruses it harvests addresses from the popular Outlook e-mail program and sends messages using its own e-mail engine.
Bagle.B also installs a backdoor in infected machines that could give some remote control over compromised PCs.
New virus......
Microsoft Sending Security Patches on a CD
In a bid to target a security hurdle rampant with dial-up Internet users, Microsoft has rolled out a security update CD giveaway for users of Windows XP, Windows Me, Windows 2000, Windows 98, and Windows 98 Second Edition (SE). The Windows Security Update CD will ship with all of its "critical" patches released by the software giant through October 2003 and free anti-virus and firewall trial software.
The launch of a CD giveaway with security patche......
Sophos Announces Opening of North American Virus Lab
Sophos, a world leader in anti-virus and anti-spam protection for businesses, today announced the opening of its North American virus lab. Sophos currently operates full-time virus labs in the United Kingdom and Australia and a spam lab in Vancouver, Canada. With the addition of its Lynnfield, MA-based virus lab, Sophos will be able to further extend protection for its customers worldwide.
As the threat of viruses continues to escalate alo......
Sophos Joins Microsoft Virus Information Alliance
Sophos, a world leader in protecting businesses against spam and viruses, today announced that it has joined the Virus Information Alliance, an industry initiative founded by Microsoft Corp. and consisting of ten leading anti-virus vendors. The alliance aims to provide Microsoft customers with accurate and relevant information about the latest virus threats affecting Microsoft technology.
As part of the initiative, virus researchers in Sophos l......
Latest MyDoom picking up pace
Security experts issued fresh alerts over a new, file-deleting version of the MyDoom e-mail worm that was targeting computer users with greater ferocity on Wednesday. The new outbreak, known as MyDoom.F, emerged late last week and has been gathering steam since then.
The virus is programmed to infect personal computers and use them to unleash a crippling digital barrage known as a denial-of-service attack on select Web sites belonging to Microsoft and the Record......
Bizex worm attacks ICQ
A new instant messaging worm dubbed "Bizex" is making the rounds, targeting ICQ users with invitations to visit a site that can install malicious code on the target computer. Russian anti-virus company Kaspersky Labs Ltd. issued a warning about the virus Thursday, terming it an "epidemic" and estimating that 50,000 PCs worldwide have been affected. But a Symantec Corp. security researcher said his company has seen only a handful of Bizex infections and ranks the virus's t......
New Worms Mean March Madness for IT Pros
The latest "Bagle" worm is something corporate network users definitely didn't order this morning, but it's the return of the Netsky worm that has many security experts worried.
First appearing Friday afternoon, the five Bagle worms -- Bagle.A, Bagle.B, Bagle.C, Bagle.D, Bagle.E and Bagle.F -- wriggle into e-mail in-boxes via a password-protected .zip file, which many anti-virus software applications can't access.
"This is just one more method of......
Sophos joins Microsoft Virus Information Alliance (VIA)
Sophos, a world leader in protecting businesses against spam and viruses, today announced that it has joined the Virus Information Alliance, an industry initiative founded by Microsoft Corp. and consisting of ten leading anti-virus vendors. The alliance aims to provide Microsoft customers with accurate and relevant information about the latest virus threats affecting Microsoft technology.
As part of the initiative, virus researchers in......
Pesky Netsky tops virus warnings
"Unprecedented" numbers of Windows virus variants are spreading online, say computer security firms. Current top of the threats is Netsky.D, the fourth version of an e-mail worm that scours networks seeking new addresses to send itself to.
Users will know if their PC has caught the virus because infected machines will beep at certain times on 2 March.
Many of the viruses on the list of top threats are variants of others that appeared only in the last few......
Viruses thwart security measures
Half of UK businesses were damaged by computer viruses in 2003, despite most of them using anti-virus software. The findings were revealed in early results of a UK government survey that catalogues security breaches suffered by British businesses.
It revealed the new tactics virus writers use to spread their creations.
"Anti-virus software alone is just not enough anymore," said Chris Potter, a PricewaterhouseCoopers security analyst who co-wrote the surv......
Red alert over worst internet virus
Computer users are facing the worst virus outbreak yet. Experts have warned that a stream of new bugs could bring the internet to a standstill within days.
Mailboxes across the country are already reaching bursting point, with some users receiving thousands of infected emails.
"It's going to be mad March and could get a lot worse," one expert warned.
Hundreds of British businesses have already found their email servers clogged up.
In the last......
Bagle and Netsky battle for supremacy in war of the worms, Sophos advises
Netsky virus removes Bagle as cyber war grows
Expert virus researchers at Sophos have declared that a state of war exists between the creators of the Netsky and Bagle worms, both of which have spread widely across the internet in a number of different guises.
The author of the Bagle worms has encoded a number of abusive messages inside recent variants of his creation, attacking the Netsky worm's creator.
Meanwhil......
Spammers target home PCs
You may hate getting spam but unless you are careful you could be responsible for sending some of it. It is estimated that at least one-third of all junk mail messages is being relayed by home computers.
And to make matters worse your humble home PC was probably turned into a spam-spewing relay by one or more computer viruses.
Computer viruses have come a long way since the days when they were just a nuisance put together by a teenager with too much time on their......
Nuisance worms give helpdesks 'virus fatigue'
A wave of mass-mailing computer viruses last week threatened to slow corporate e-mail systems and overload helpdesk staff with calls from users. New variants of Bagle, MyDoom and Netsky flooded the internet as rival groups of virus writers sought to out-do one another. Anti-virus companies said the outbreak was more of a nuisance than a cause of any real damage to businesses, but warned security staff not to lower their guard.
"There is probably q......
Netsky Hacker Threatens New Attack
Text inside the Netsky.k worm threatens a possible attack Thursday, March 11
A message embedded within one of the most recent Netsky worm variants may spell trouble on Thursday, according to analysis done by an anti-virus firm.
Text tucked inside the Netsky.k worm, which first appeared Monday, indicates a possible attack on Thursday, March 11, said Panda Software in an advisory.
"The 11th of march is the skynet day," said the text in part, giving Panda re......
Netsky Remains A Threat
Netsky, the worm that plagued users last week, shows no sign of going away, contrary to comments embedded in a variant released Monday. On Wednesday and Thursday, two new versions of Netsky, tagged as Netsky.l and Netsky.m, were discovered by several anti-virus firms.
Like earlier editions of the worm, this pair's payloads are tucked inside file attachments to e-mail messages.
Netsky.k, the worm that hit the Web Monday, included a long diatribe that, among other t......
New computer virus prompts campus to block '.zip' attachments
A new wave of virus-laden attachments headed to campus e-mail accounts has prompted University of California Santa Cruz to impose the computer equivalent of a blockade.
Since last week, UCSC’s Information Security Team has blocked all .zip attachments coming to campus e-mail accounts.
E-mail with .zip attachments is still being received, but with the attachment removed. The subject line of the email is being modified with “{Vir......
[more] Australian hacker activity on the rise An Internet Security Report released by anti-virus vendor Symantec has revealed that Australia has joined the ranks of international hacker sources. Ranked 5th amongst the top originating countries, excluding worm-type strikes, Australia was the only new entry to the ranks tabled from hacker activity in the six months from July to December 2003.
However, the report notes that although the statistics are accurate in that they trace back to the last IP ad......
[more] Hacker turf war raging online A battle for the control of cyberspace by computer criminals -- similar in intensity to a turf war between rival mob families -- is underway on the Internet.
Computer security experts question how prepared the United States is to stop the conflict online, and wonder if nefarious criminal and Islamic terrorist elements are covertly involved in the battle.
Three groups of rival virus writers, including the authors of the famous MyDoom worm, as well as other wo......
[more] Sophos warns of new twist in Bagle threat, as new variants emerge Sophos, a world leader in protecting businesses against viruses and spam, is warning of a new twist in the Bagle virus saga. Two new variants, W32/Bagle-Q and W32/Bagle-R, use a different method of infection in an attempt to bypass anti-virus protection at the email gateway.
Unlike most email viruses, the two new Bagle worms do not carry email attachments, making them difficult to spot. Infected messages have a random subject......
[more] Security appliances, not software, are way forward IDC study points to new trend. Small businesses are rolling out security appliances, in place of security software, to lower the cost of increasingly complex security requirements, according to a new study.
Spending on server security appliances increased in Western Europe by 24 percent in 2003, with year-on-year growth of 46 percent in the final quarter of the year, according to IDC. Total spending in the region was $402.1 million (£219.4m)......
[more] Phatbot primed to steal your credit card details Trojan horse-type computer virus called Phatbot can steal credit card numbers and launch denial of service attacks on Web sites. The new virus made its debut on the Internet on Friday (18 March), clogging bandwidth, stealing personal data and initiating denial of service attacks.
Phatbot is a variant of Agobot, a big family of IRC bots. It can steal personal information such as email addresses, credit card numbers, PayPal details and softwar......
[more] Stopping the enemy at the gate Over the past few years, security vulnerabilities have spiralled, writes Bloor Research analyst Fran Howarth. The CERT Co-ordination Centre, a federally-funded R&D centre operated by the Carnegie Mellon University in the US, publishes statistics of security vulnerabilities that are reported to it on an annual basis. In 1995, just 171 such incidences were brought to its attention; by 2003, that figure had risen to 3,784.
This increase in vulnerabilities is caus......
[more] Viruses getting worse Viruses and other computer attacks have worsened in the past year, and infections have become more costly for firms to deal with, according to a survey.
The survey of executives at 300 companies and government agencies worldwide with at least 500 computers "shows conclusively that despite increased spending, both the perception and the reality of the malicious code problem continues to worsen", said the security firm TruSecure, the survey organiser.
The survey also......
[more] Trust me I'm clean, claims virus The latest in a long line of NetSky variants, Netsky-P, tries to lull users into a false sense of security by containing spoofed disclaimers from anti-virus firms.
NetSky-P, first spotted over the weekend, was programmed to begin mass mailing yesterday. After encountering only a few copies of the virus during its "seeding" period, email filtering firm MessageLabs blocked 200,000 copies of the worm yesterday afternoon.
Like previous versions, NetSky-P is......
[more] Security is cheaper than printing Users are spending less on security than printers, according to a report by analysts IDC. However, the company does not think that pouring in more money is necessarily the answer - security spending can be wasted, just as easily as money spent on printers.
IDC agrees with research from the DTI that said a greater priority should be put on security, but instead of just putting more money in, companies should move to a more systems-based approach where securi......
[more] Online virus war is slowing down The long-running feud between the makers of the Bagle and Netsky Windows viruses seems to be losing its venom. The clash prompted the virus writers to pump out new versions and at the last count there were now 21 variants of Bagle and 20 of Netsky circulating.
Anti-virus firms said the makers of the malicious programs had worked hard to find new tricks for variants to use.
Despite the rash of variants neither is close to the number of different versions......
[more] Cyber security liability seen increasing Hackers, viruses and other online threats do not only create headaches for Internet users, they could also create prison sentences for corporate executives, experts say.
Though business groups have lobbied successfully against laws focused on cyber security, companies that do not make efforts to secure their networks could face civil and criminal penalties under an array of existing laws and court decisions, according to security and legal experts.......
[more] Spam’s cost is hitting schools and taxpayers Once fodder for late-night laugh lines, the volume of unsolicited e-mail is growing so quickly in the US that other people’s spam, as it’s most well-known, is costing you money. This is most clearly true in the case of government, school districts in particular.
Taxpayers in the Pottsgrove School District, for example, have spam at least partly to thank for the recent vote to spend more than $188,000 on upgrading the district’s computer system.......
[more] Virus computers used for fake websites Internet security experts on Monday warned that the creators of some of the latest computer viruses were using computers infected by the bugs to run online scams to get credit-card information from unsuspecting buyers.
"There is an operation of fake online shops running on infected home computers, which are being controlled by hackers or criminals," said Mikko Hyppoenen, head of anti-virus research at Finland's F-Secure.
"Currently there is an invest......
[more] Internet users prepared to pay ISPs for better spam protection Internet users are prepared to pay extra to their ISPs in return for protection against spam and 'malicious Web content', according to a new survey.
MORI found that the majority of Web users look to their ISPs to block spam, viruses and obscene websites for which 45 per cent are prepared to pay as much as £2 extra per month. Twenty-nine per cent believe the problem is so bad that they would pay an additional £5.
The survey, carr......
[more] Windows XP security gets tighter Microsoft is preparing an update to Windows XP that is intended to make the operating system more secure. Dubbed Service Pack 2 (SP2) the update will close some loopholes that virus writers and malicious hackers have exploited to infect or take over PCs.
The add-on for XP will also include extras that block pop-up ads by default and give users a clearer picture of how secure their system is.
The update is due to be finished and released to users by the e......
[more] Firms play down significance of spam But still a problem, research shows The volume of spam email will increase in the future, but the impact on business is not as damaging as initially predicted, according to research.
The Department for Trade and Industry's biennial Information Security Breaches Survey conducted by PricewaterhouseCoopers (PwC), found that nearly all UK companies receive unwanted junk email, but a third don't believe it is a business problem.
Some 17 per cent of companies......
[more] Europe Vulnerable to Virus Attack Despite the rampant spread of Internet viruses, many European businesses are still not using anti-virus software or keeping it up to date, according to a new study by McAfee Security.
McAfee surveyed 500 small to medium-sized businesses in the UK, Italy, Netherlands, France, Germany and Spain.
In the UK and France, only about 40 percent of companies surveyed said they have been keeping their anti-virus software up to date. In Italy, about 46 percent of......
[more] Schools rethink network security College IT staffs have become proactive since last summer's Blaster attack Computer worms and viruses continue to besiege colleges and universities, which are responding with a range of network security improvements.
Most schools are focusing on technology fixes: Products designed to correct specific weaknesses. But those won't be enough if the schools' CIOs overlook "softer" but equally vital issues, such as involvement by school presidents and provosts, and......
[more] Security budgets soared in 2003 The combined revenues of 22 of the largest publicly listed pure-play IT security vendors grew 14 per cent last year The heavy hitters of the security market posted combined revenues of $5.33bn last year compared to $4.67bn in 2002, according to a study by analysts Datamonitor published today.
"A steady rise in security revenues in 2003 indicates that corporate budgets are becoming less constrained and that security remains top of CIOs' agenda. This indicates st......
[more] Witty extinction The "Witty" worm appeared on 19 March, and within a few short days it completed its mission and effectively disappeared. It received minimal coverage by the major news media outlets and for many people it has already been largely forgotten, a mere blip on the radar among so many blips of new viruses and virus variants that appear each week. If the Witty worm didn't affect you, as is the case for most people, you probably don't care. But you should. The Witty worm set a dangerou......
[more] New Netsky worms change their stripes New versions of the Netsky e-mail worm are spreading on the Internet and may be the work of a different author than previous editions of that worm, according to anti-virus software companies.
Netsky.S appeared on Monday and Netsky.T was detected Tuesday. They are the 19th and 20th editions of an e-mail virus that first appeared in February. Unlike earlier variants, the new Netsky strains open "back doors" on machines they infect, prompting at least one......
[more] Kazaa and eDonkey brace for NetSky-Q onslaught Zombie PCs infected with the NetSky-Q worm are set to launch distributed denial of service attacks against P2P and warez sites tonight.
The worm will attempt to flood the main Web sites of Kazaa and eDonkey with spurious traffic between 00:01 8 April and 11 April (time taken from system clocks). Other sites including www.cracks.st, www.cracks.am and www.emule-project.net are also targeted for attack. File-sharing networks themselves won't be aff......
[more] NetSky-V spreads on auto-pilot Yet another NetSky virus arrived on the scene today. NetSky-V spreads using a well known Internet Explorer vulnerability, connected with the handling of XML pages. Instead of depending on users double clicking on infectious email attachments, the worm can spread automatically across vulnerable Windows boxes.
Users can be infected by NetSky-V simply by reading an infected email.
Just as well then that NetSky-V, although it has been observed in the wild, is......
[more] Web Braces for Netsky.V's Attack Worm's latest variant exploits old vulnerabilities and spreads without an attachment. The latest variant of the hugely effective Netsky series of worms is causing trouble by spreading without the use of an attachment. Slipping past many e-mail gateways, it can launch simply by being viewed in an e-mail program.
Rather than attaching the worm's executable code to an e-mail message, Netsky.V uses two separate vulnerabilities in Microsoft software to download th......
[more] PC users 'fail security tests' Future severe outbreaks of worms, viruses and other malicious programs are only going to be avoided with a radical new approach to computer security. So says Marcus Ranum, a senior technologist at respected security firm TruSecure and the man credited with creating the first commercial firewall.
Mr Ranum says there is a growing divide between the way that organisations and end users tackle computer security.
Many corporations are taking effective steps to p......
[more] Virus alert: Bagle X Back to basics for Bagle The latest manifestation of the Bagle worm has gone back to basics in its attempts to infect computers.
Bagle X entices users to open attachments by claiming they contain free software, movie clips or pornography.
The worm also copies the domain name in the recipient's address, making it appear to come from someone in the same company or at least the same ISP.
Anti-virus company Trend Micro warned that Bagle X any one of the following names:......
[more] Would you like a cherry Bagle with your zombie PC? An unknown group of VXers has released a new version of the Bagle worm.
Bagle-Y (AKA Cherry Bagle) spreads by either email or network shares. It opens back doors on infected PCs and turns them into zombie clients in DDoS or spam networks. The worm also tries to terminate various security and anti-virus applications, as well as processes associated with the NetSky worm. Most AV vendors rate Bagle-Y, which was first spotted today, as medium-ri......
[more] Protection busting Bagle virus strikes The latest version of the Bagle virus attempts to turn off nearly 300 antivirus processes it finds running on infected computers.
Sophos alerted users yesterday to Bagle-AA, which is also known as Bagle-AB and Bagle-Z, advising it had already received many reports. Trend Micro had issued a yellow alert for its customers.
In common with its predecessors, this latest Bagle arrives as an email with short texts in the subject and an attachment. If run, the......
[more] Top Ten Viruses & Hoaxes Reported to Sophos in April The report, which examines virus and hoax reports in the month of April 2004, shows three new viruses have entered the chart, with Netsky variants taking seven places.
The top ten viruses in April 2004 were as follows:
W32/Netsky-P (Netsky variant) 23.19%
W32/Netsky-B (Netsky variant) 20.16%
W32/Netsky-D (Netsky variant) 16.76%
W32/Netsky-C (Netsky variant) 4.99%
W32/Netsky-Q (Netsky variant) 2.79% NEW ENTRY
W32/Sober-F (Sober v......
[more] Latest internet virus targets small businesses Scores of people returning to work after the Bank Holiday could have a nasty surprise awaiting them in the form of a new internet virus.
Experts warn small and medium-size businesses are most at risk from the virus known as Sasser, which spreads to computers direct from the internet, unlike most viruses transmitted through e-mails and attachments.
The virus, which came to light in the past couple of weeks, is thought to have infected about 2,......
[more] Sasser worm expected to hit hard on Monday New worm does not need users to open e-mail attachments in order to propagate A new series of worms released onto the Internet exploits a critical security vulnerability in Microsoft Corp.'s Windows XP and Windows 2000 OSes and does not need users to open e-mail attachments in order to propagate, experts said Saturday.
The worm's impact is expected to peak Monday as millions of workers bring their laptops back to their offices, after using them over......
[more] Users unaware of wireless security needs Resellers need to provide education Despite a huge increase in wireless uptake, users still have poor awareness of their security, an area in which resellers should be playing a bigger educational role, according to security consultancy Orthus.
The firm's second annual survey of 450 European chief executives, IT directors and security specialists found that more than two-thirds of companies questioned are deploying wireless networks, but only 28 per cent......
[more] Virus sends coastguard computers off course Coastguards across Britain were unable to use their computers for several hours yesterday after being hit by a new internet virus.
Staff were forced to revert to pen, paper and radios after the electronic mapping systems, email and other computer functions at their head office and all 19 regional offices were knocked out by the Sasser virus.
The Maritime and Coastguard Agency, which co-ordinates search and rescues at sea and checks ships meet s......
[more] Internet virus causes global havoc A computer virus was spreading rapidly across the internet last night, causing disruption in homes and businesses from London to Sydney.
The internet worm, called Sasser, was discovered on the internet on Friday night and has already caused disruption in railways and coastguard operations as well as computer reservation systems and bank networks. A computerised mapping system at Britain's Maritime and Coastguard Agency was brought down by the worm, forcing......
[more] Sasser 'not our fault' says Microsoft The UK coastguard service lost the use of its computers and database-driven services for several hours after being hit by the Sasser virus - despite the fact a patch has been available for two weeks and further warnings from Microsoft were sent out last week.
As such the software giant says it is not to blame for this latest exploit of a vulnerability in its operating systems.
Coastguards were forced to revert to paper filing systems, telephones an......
[more] Emergency service hit by cyber virus A new Internet worm was spreading automatically worldwide and had probably already infected millions of computers, a Finnish anti-virus expert said today.
The Sasser worm could infect any computer that was switched on and contrary to most other worms or viruses was not spread by email, said Mikko Hyppoenen, head of anti-virus research at the Finnish Internet security firm F-Secure.
"This is one of few worms that spreads automatically. It is enough for......
[more] Home users learn virus lessons Consumers better prepared than many businesses Home computer users were better prepared for the Sasser worm outbreak than businesses, according to anti-virus company Sophos.
Sasser is an internet worm and does not need to be opened in an email to infect computers.
It exploits a security hole in Windows, scanning the internet for machines that have not installed the patch that fixes the flaw. It also seeks out PCs with no anti-virus software or firewall and sli......
[more] Companies taking computer virus attacks in their stride: security experts Computer virus attacks have become so common that companies are taking them in their stride.
Security experts that Channel NewsAsia spoke to say companies have accepted the fact that doing business on the Net will involve risks.
And they are willing to take those risks.
Once upon a time, computer viruses needed a user to activate them, by opening infected attachments in the email.
Now, they are getting smart......
[more] Why Are Virus Writers So Tough To Catch? The fight to rout Sasser and its ilk is fraught with ethical ambiguities. "Out of the 75,000 viruses that are written each year, all but 1,000 never infect anybody. So is it a crime to just write a virus?" asked David Perry of Trend Micro. "We are an open society. Do we give up all those [liberties] that make us Americans?" The Sasser worm author has confessed. Great, say many in the beleaguered tech industry. But why don't the authorities responsible for......
[more] Skynet virus gang in Germany busted Police in Germany have questioned another five people in connection with the creation and release of the Sasser and Netsky worms, according to a media release from anti-virus company Sophos.
Last weekend 18-year-old Sven Jaschan was arrested in Waffensen, North Germany, for allegedly writing and distributing the Sasser internet worm which disrupted home computer and corporate systems, including Westpac Bank.
Jaschan later admitted to police that he wa......
[more] SurfControl Says 'Brand Spoofing' Spams Up Nearly 500 Percent Since January 'Brand spoof' spam scams increased nearly 500 percent since January, and by 51 times since May 2003, SurfControl, the world's number one Web and e-mail filtering company, reported today. The company also warned individuals and companies to beware of a new dirty trick employed by brand spoof spammers -- a fake address bar that appears in an e-mail recipient's Web browser -- that makes these e-mail scams look even more......
[more] Sneaky Virus Pretends To Be Yahoo A new virus that spreads by tricking computer users into clicking a link that pretends to direct the victim to a Yahoo.com news site remained a low threat on Friday, security experts said.
The virus "Wallon," first discovered in Europe early in the week, exploits a vulnerability in Microsoft Internet Explorer. Once executed, the malicious code gathers email addresses from the infected computer, using them to send the link to other potential victims.
The......
[more] AOL Block 1 billion virus emails in 12 months America Online (AOL) on Friday said it has blocked more than a billion virus attachments from reaching its members since it launched automatic e-mail attachment screening and premium anti-virus protection roughly a year ago.
Since the anti-virus services were launched, AOL has protected each of its members from an average of 30 different virus attacks, or an attack every 10 days.
"As we move into a high-speed world, anti-virus protection bec......
[more] Red alert over Symantec firewall flaw Four new vulnerabilities have been identified in Symantec's personal firewall products. Symantec warned yesterday that hackers could exploit the flaws to render targeted systems inoperable or execute remote code with kernel-level privileges. The problems were discovered during product testing of Symantec's client firewall application by security firm eEye Digital Security.
Affected consumer products include Symantec Norton Internet Security and Professio......
[more] Police probe Sasser informant The informant who led police to the self-confessed author of the infamous Sasser worm is himself under investigation. Marle B. - the man who provided the tip-off to Microsoft that led to the arrest of Sven Jaschan, 18 - has become a suspect in the German police's computer sabotage inquiry. Munich-based weekly Focus reports that a criminal investigation would blight Marle B's chances of a share in the $250,000 reward money from Microsoft's Anti-Virus Reward Program t......
[more] MS' anti-virus bounty success When Microsoft first announced its "bounty" program late last year, many security experts condemned the initiative as a mere publicity stunt: a marketing tactic designed to distract gullible users from the "real issue" with Microsoft products. With a No Honor Among Thieves mindset, I predicted that the program would yield positive results and that some unlucky malware author would be ratted out by bounty-seeking friends/family/peers, and held responsible for his or......
[more] Finance houses struggling against hackers Financial institutions are losing the war against hackers, according to a new survey out this week. The majority of finance houses (83 per cent) quizzed by management consultant Deloitte acknowledged that their systems had been compromised in the past year, compared to only 39 per cent in 2002. Many of the resulting security breaches have resulted in financial loss, according to Deloitte's 2004 Global Security Survey.
The survey provides a global be......
[more] Microsoft admit they were hacked Speaking exclusively to I.T. Vibe today, Microsoft admitted that a portion of their UK website was compromised by hackers and defaced.
The UK press site was replaced with text showing that the site was temporarily taken over by hackers calling themselves the "OutLaw Group". They also left a couple of books on the site, obviously as a dig at the site administrators, one on developing international software, and one on administrating Windows Server 2003.
T......
[more] Sasser clocked as biggest virus threat in May Anti-virus firms agree Sasser was the greatest threat last month.
Trend Micro's monthly roundup of virus activity placed Sasser as the eighth most prolific virus for the month. But it still marked the first Red Alert the company has issued this year.
However the network-aware worm topped Sophos' chart, accounting for more than half of all reports received.
'Sasser was the major pain in the neck this month, affecting far more users than eve......
[more] Potter-mania fuels pesky virus A pesky computer virus is taking advantage of the excitement surrounding the latest Harry Potter film. The Netsky.P worm is enjoying a resurgence by disguising itself as a Potter game, say anti-virus experts.
The virus, which first appeared towards the end of March, spreads by e-mail and via file-sharing services.
The third film about the adventures of the boy wizard, Harry Potter and the Prisoner of Azkaban, was released on Monday, making £5m in one day.......
[more] Sensible security stops Korgo worm dead in its tracks, Sophos reports Sophos experts have advised computer users that there is no need to panic about the family of worms known as Korgo, which have gained much media attention in recent days.
The Korgo family of worms distribute themselves in a similar way to the infamous and widespread Sasser worm, by exploiting a critical security hole in Microsoft's software. The security hole, known as the LSASS vulnerability, was first reported by Micros......
[more] Mutant son of MyDoom plans three-pronged attack Virus writers have used code from the infamous Mydoom worm to create a potentially dangerous new Internet worm which uses multiple methods to spread.
Plexus-A spreads using three different methods: infected email attachments, file-sharing networks and Windows vulnerabilities (the LSASS vulnerability used by Sasser and the RPC DCOM flaw used by Blaster). The as yet unknown virus authors used MyDoom source code as the basis for creating Plexus,......
[more] Harry Potter virus targets children Muggles spell trouble for family email accounts Virus authors have tapped into excitement over the latest Harry Potter film to spread an old worm.
Netsky.P was the second most common virus in May, according to figures from anti-virus companies. Now the worm seems to have found new life by enticing young computer users with promises of material relating to the Hogwarts hero.
While there is nothing sophisticated about the worm's technique, innocent youn......
[more] Worm eyes up credit card details Windows users are being warned about a virus that is "aggressively stealing" credit card numbers and passwords. The Korgo virus debuted on 22 May and since then has been steadily racking up victims.
Although the virus is not widespread, security firms are issuing warnings because it is proving so effective at stealing confidential data.
Those infected by Korgo are being urged to change passwords and credit cards if they have been used online recently.......
[more] Sophos chief concedes Unix virus frustration Sophos' anti-virus chief, Jan Hruska, says the race to perfect "on-access" virus scanning technology for desktop versions of Linux and FreeBSD has the company's Unix developers "tearing their hair out". The development of on-access scanning for Unix would give Linux users the same type of technology that protects Windows and Macintosh users when they inadvertently double-click or otherwise attempt to open files infected with viruses such as those......
[more] Virus writers deploy bulk mail software Hackers have used spamming software to distribute thousands of copies of a new Trojan. Email filtering firm MessageLabs alone has intercepted more than 4,000 copies of the Demonize-T Trojan over the last 24 hours.
Demonize-T is a multi-stage Trojan that uses an object data exploit in Internet Explorer to download and execute an encoded visual basic script from a website. The Trojan then creates an executable file which appears to download......
[more] Backdoor program gets backdoored The author of a free Trojan horse program favored by amateur computer intruders found himself with some explaining to do to the underground last month, after his users discovered he'd slipped a secret backdoor password into his popular malware, potentially allowing him to re-hack compromised hosts.
The program in question is Optix Pro (Backdoor.OptixPro.12), a full-featured backdoor that allows an intruder to easily control a compromised Windows machine remo......
[more] Zafi.B works its way through Internet Now at a Level 2 alert The latest worm to zoom through the web, the multilingual Zafi.B, has had its security alert status raised to level 2.
Zafi.B has shot to the top of anti-virus specialist F-Secure's virus statistics over the weekend. The worm sends emails in a bunch of different languages – including English, Italian, Spanish, Russian and Swedish – with a small .pif attachment. If a user is brave or silly enough to click the attachment, it'll disable......
[more] When spyware crosses the line One of my friends called me in a panic the other day. It seems his eight-year-old daughter was surfing the Internet, searching for Barbie dolls, games designed for children, and other things of interest to eight-year-old girls, when something bad popped up on the screen. She may not have understood what she saw, but she knew it was bad and so she called Mom and Dad.
You can probably guess what popped on the screen. That's right, a page with explicit, graphic por......
[more] August It Is For XP SP2
After almost a year of beta testing, Microsoft's Windows XP overhaul is finally ready for public consumption.
The oft-delayed Windows XP Service Pack 2 (SP2) will be released in early August as a free download optimized for both broadband and dial-up customers, a company executive confirmed.
"At this point, it looks like RC2 will be the final release candidate. We are on track to RTM (release to manufacturers) in August," said Matt Pilla, Senior Product Manager for......
[more] 360-Degree Security The beauty of information technology is that users generally benefit from its evolution. Hardware prices drop as functionality increases. Software becomes more agile and productive. Labor-intensive manual processes are automated, freeing up people to focus on other tasks.
In the case of network security, however, one very small user group is benefiting while the rest of us suffer - hackers. These individuals get their kicks by gaining network access and destroying other peop......
[more] First PocketPC virus found The first computer virus to infect handheld devices running Microsoft's PocketPC OS was discovered over the weekend.
Duts was written by Ratter, of the 29A virus-writing group, as an academic exercise rather than a serious attempt to spread malicious code across handheld computers. The same group created a virus capable of infecting mobile phones running the Symbian OS, called Cabir, in June. Cabir - like Duts - was a proof-of-concept exercise. In both instances, 29......
[more] New SurfControl Resources Help IT Managers Increase the Value of IT Investments Deployment and Best Practices Guides Help Reduce Vulnerabilities and Optimize Network Resources Despite predictions for increased IT spending in 2004, many network managers are still facing pressure to help lower the total cost of ownership of the corporate network infrastructure, reported SurfControl (London: SRF), the world leader in enterprise Web and e-mail filtering. In response, SurfControl today introduced Su......
[more] SSL making strides against IPSec VPNs Secure Sockets Layer remote-access gear is winning out over IPSec in some businesses because use of browser-based SSL technology can lead to cost savings, simpler administration and easier connections with partners.
Assent, a national equities-trading firm in Hoboken, N.J., lost potential business because it connects customers to Assent servers via IPSec VPNs, says Pankaj Chandhok, director of networking. The security policies of many potential customers......
[more] Google recovers after virus hits Net search engine Google appeared to resume normal service in the UK around 2000BST on Monday after a virus crippled its search engine. Net security firms reported that the havoc seemed to have been caused by a new variant of the MyDoom virus. Google confirmed a number of users in the UK and some US and French users had experienced problems. The search engine is one of the most popular on the net, dealing with 200 million global queries a day.
Hug......
[more] Net virus posing as Berg video A virus purporting to show video of Nick Berg alive has been released on the internet, warn security experts. The virus is in a message posted to tens of thousands of newsgroups, said anti-virus firm Sophos.
It is the same one that posed as a suicide note from Arnold Schwarzenegger and as images claiming to show that Osama Bin Laden had killed himself.
Computer owners are advised to ensure their anti-virus software is up-to-date and avoid opening unknown messages.......
[more] Bosses finger workers for virus attacks Workers are to blame for many of the security breaches that wreck firms' computers networks, according to research by the Institute of Directors (IoD).
Of the 1,240 UK small and medium-sized businesses (SMBs) quizzed in its survey, half said they had suffered a virus attack as a result of "misuse" by staff. Six in ten of the companies surveyed said they had been hit by a virus attack.
Downloading non-work related applications, opening infected emails a......
[more] Intrusion prevention 'is key' McAfee and IoD urge SMEs to set up proper security management policies Security vendor McAfee has joined forces with the Institute of Directors (IoD) to educate SMEs on the need to switch from anti-virus to intrusion-prevention technology.
Research released by the two organisations, which questioned 1,240 SMEs in the UK, revealed that 57 per cent have suffered damage as a result of a virus, with half attributing this to misuse of technology by employees.
Viruses a......
[more] Windows update hardly a PC cure-all Microsoft's patch includes virus protection that requires special hardware, and firewall controls only incoming information An update to Microsoft Windows designed to fend off hackers, viruses and other security threats is long overdue but far from a panacea, security experts said.
With viruses and spyware running rampant, Microsoft - widely criticized for lax security - has released SP2, or service pack 2. It prevents pop-ups, enhances security, automaticall......
[more] Happy Anniversary MSBlast A year ago this week, MSBlast stormed onto the Internet, infecting millions of Windows PCs, disrupting business operations, and sending everyone and his uncle scrambling for the patch they should have deployed weeks before.
MSBlast hit the Net August 11, 2003, just 26 days after Microsoft released a fix for the vulnerability the worm exploited. Even though users had nearly a month to get ready -- and were warned ahead of time by security experts to expect a major att......
[more] The root of spam could be you The biggest single source of the spam that you receive may be you. Personal computers that have been infected with certain viruses and related types of malicious code are responsible for turning the humble home PC and broadband connection into the leading source of spam on the Internet.
Depending on who you believe, as much as 80% of all the spam sent on the Internet today comes from these compromised PCs - an estimate at the end of 2003 was 30%, indicating how qu......
[more] US cracks down on spam mountain John Ashcroft, the Attorney General of the US, is expected to announce on Thursday dozens of lawsuits against alleged spammers following a low-key campaign against the practice across the US. The arrests have been made over the last few weeks as part of a coordinated effort to crack down on spamming, dubbed Operation Slam Spam.
The New York Times reports that the Direct Marketing Association (DMA) has given significant funds to the campaign. The DMA wants to......
[more] Electronic Jihad To Strike Thursday? Don't Bet On It A coordinated attack against the Internet, dubbed an "electronic jihad," may be as close as tomorrow, one security firm warned Wednesday. Other experts, however, were dubious.
According to a report on the Russian news service RIA Novosti, Eugene Kaspersky of the Moscow-based Kaspersky Labs has warned about a large-scale attack that might be delivered by Islamic terrorists.
Kaspersky and other security analysts have noted claims on Arabic-l......
[more] Teen charged over Sasser virus The alleged creator of the virulent Sasser virus has been formally charged. German prosecutors have laid charges of computer sabotage, data manipulation and disruption of public systems against student Sven Jaschan who has admitted writing the Windows worm.
In total 143 victims of Sasser have contacted prosecutors to report the damage they suffered as the malicious program rampaged through computers.
If found guilty, Mr Jaschan could face up to five years in ja......
[more] Anti-Virus Can Be Tricked By Hackers The anti-virus detection engines of several big-name vendors, including McAfee and Computer Associates, can be fooled by hackers, a U.S.-based security intelligence firm warned Tuesday.
According to an advisory posted by iDefense, a Reston, Va.-based vulnerability intelligence provider, the bug could let hackers slip their malicious code past the anti-virus defenses thrown up by McAfee, Computer Associates, Kaspersky Labs, Sophos, Eset, and RAV. (The last i......
[more] Trial of Sasser computer virus author delayed The trial of the self-confessed author of the Sasser computer virus has been delayed until next year, court officials in the small northern German town of Verden said Monday.
Schoolboy Sven J. shot to international notoriety after admitting to police he had written the worm and a predecessor, codenamed NetSky by virus-hunters, that infected hundreds of thousands of computers worldwide.
He told the German news magazine Stern that he released Sasser......
[more] CyberGuard polishes Webwasher appliance New content security device incorporates software functionality Network security vendor CyberGuard has launched its first Webwasher appliance following its acquisition of the German software vendor earlier this year.
CyberGuard bought Webwasher for $40m in May in a bid to add functionality to its appliance range.
The CyberGuard WW1000 Content Security Appliance, aimed at the medium to large corporate marketplace, integrates Webwasher's Content Security M......
[more] Apple Has a Virus? Congratulations! Hackers wouldn't bother writing malicious code to infect the Macintosh unless those computers actually mattered. Weird things are happening these days. The Red Sox win the World Series (in four games, yet!)—and a virus hits the Macintosh. It’s hard to say which is the stranger event.
The Ap......
[more] Webroot Survey: Companies Neglect Spyware Threat Corporations are experiencing a steady infiltration of spyware into enterprise networks, but only a small number have deployed an enterprise-class solution to combat the threat, according to a new survey conducted by Equation Research for Webroot Software (www.webroot.com), provider of privacy, protection and performance software.
"Corporations are risking lost productivity and intellectual property to this rapidly growing threat by not deployin......
[more] Sophos Anti-Virus Receives 26th Virus Bulletin 100% Award Sophos, a world leader in protecting businesses against viruses and spam, has announced that Sophos Anti-Virus has been awarded the Virus Bulletin 100% award in the November 2004 edition of Virus Bulletin. This is the 26th time Sophos Anti-Virus has won a VB 100% award, confirming its position as one of the most powerful virus protection products available. Virus Bulletin tested 26 different anti-virus products for their detection rates,......
[more] Hoax virus warnings and spam scams: The top 10 Here's what's been fooling email users this summer... The full top 10:
1. JDBGMGR (accounts for 14 per cent of all reports) - A hoax virus warning relating to the Microsoft debugger registrar for Java. Verdict: The purported seriousness of this virus warning has been eating up bandwidth worldwide. If you receive such a warning check with your anti-virus firm before mailing it out to everybody you know. They are invariably a hoax.
2. Budweiser fro......
[more] Bin Laden Terrorist Video Email is Really a Virus, Warns Sophos Experts at Sophos, a world leader in protecting businesses against viruses and spam, have warned users to beware of emails claiming to contain videos of Al Qaeda leader Osama Bin Laden as they really contain a malicious computer worm.
The W32/Famus-F worm has been discovered in the wake of George W. Bush's re-election as President of the United States of America and less than a week after an Arabic television station broadcast the......
[more] Cheat Sheet: Virus names and alerts Is a yellow warning on MyDoom.O better, worse or the same as a level 2 warning on MyDoom.P?
OK, well I know what computer viruses are so this should be straightforward - the name is just how they are distinguished from one another and the warning is an indication of how problematic things are at a given time?
Exactly. It really is that simple.
So what's the problem?
The problem is that things tend not to be so simple in practice. Often warnings for the sam......
[more] Arafat worm exploits new MS vuln A worm which exploits curiosity about the death of Yasser Arafat is the first to exploit the known Extended MetaFiles vulnerability.
Aler is a network worm that was widely bulk-mailed with the subject "Latest News about Arafat!!!". These infected emails had two attachments, one a clean JPEG file and the other an infected EMF file, according to anti-virus firm F-Secure.
The EMF file exploits a well-known Windows vulnerability (MS04-032) to install the worm onto......
[more] Make IT Secure reveals PC virus threat Four in every ten home and work PCs have been infected with viruses, a study said today as the first Irish 'Make IT Secure' day was launched.
Irish Communications Minister Noel Dempsey, launching the event, said it was worrying that 51pc of people did not know when they had updated their anti-virus software or had not done it for more than three months. "The aim of 'make IT secure' is to share simple and straightforward information with all PC users, in......
[more] 'Gay' worm shuts down Italian senate PCs A worm containing pictures of gay pornography forced the shutdown of the Italian senate computer system, parliamentary officials said on Tuesday.
The virus attack began late on Monday, and came several days following the firing of an assistant to the upper house's vice president, after images of him attending a homosexual party in Rome surfaced.
The worm slipped by the anti-virus software at the chamber, and computer technicians shut off most of the se......
[more] Corporate computers plagued by spyware Corporate desktops pack almost as much spying software as do consumers' machines, according to a US anti-spyware vendor.
Spyware -- the umbrella term given to software that installs and operates without the user's knowledge -- collects data such as surfing habits, or, more maliciously, records keystrokes in the hope of snagging account passwords.
Webroot tallied the results from enterprises scanning networks for spyware with its SpyAudit tool to produce......
[more] Security is just a mouse click away Next time an e-card with a jolly message drops into your computer's inbox, think before you click it open – it could be a virus which will implant itself in your machine and spread before you even realise it.
Computer users across the world are struggling against a rising tide of viruses and spam which corrupt data, slow down or take over systems and fill inboxes with junk. Viruses are mutating and spreading so fast that anti-virus software cannot keep up.......
[more] Trojan program poses as anti-spam screensaver A program that spies on keystrokes and mouse clicks to capture passwords and other personal information from computer users has begun circulating disguised as a screensaver purporting to attack spam-related websites.
This “Trojan horse” program is the latest twist in a controversial saga that began with the release of an anti-spam screensaver by Lycos Europe on 30 November. The www.makelovenotspam.com screensaver aimed to clog up the bandwidth of s......
[more] Malware authors mixing a lethal cocktail Security vulnerabilities will very soon be exploited within hours of their discovery, experts fear Virus writers are combining their efforts with hackers and spammers to launch Swiss Army knife-like malware attacks on users, Kaspersky Labs warned this week.
According to Russian anti-virus company Kaspersky Labs, viruses are being used to infect PCs with Trojans, creating zombie networks that send out spam or participate in denial-of-service attacks.
"We......
[more] Zafi worm will deliver an unhappy Christmas A new version of the Zafi e-mail worm is spreading seasonal greetings along with its malicious code, according to antivirus software companies. Zafi.D is a mass-mailing worm that arrives in a Zip file attached to e-mail messages with the subject "Merry Christmas." Instead of a gift, however, the e-mail package delivers worm code that infects Windows systems on which it is opened.
Antivirus companies have issued warnings about the new worm and updated......
[more] One in every ten emails infected by Christmas card virus, reports Sophos The W32/Zafi-D worm, which was discovered on Tuesday posing as a Christmas greeting, has continued to cause problems for unprotected computer users. Experts at Sophos report that the virus is currently accounting for 75% of all virus reports at Sophos's global network of monitoring stations in the last 24 hours.
The W32/Zafi-D worm, which is believed to originate from Hungary, spreads inside holiday season goodwill email......
[more] Kaspersky has IP doubts about Microsoft's Virus Information Alliance Kaspersky's CEO Natalya Kaspersky has said her company has been hesitant in joining Microsoft's Virus Information Alliance because of concerns that Microsoft would use that information to the advantage of its own antivirus product.
Microsoft's Virus Information Alliance (VIA) was formed to share information on viruses. However, antivirus companies do this already on a monthly basis - more often if necessary - outside of VIA.......
[more] Cyber Criminals Prove Elusive It was a great year for catching cyber criminals, but the culprits behind some of the most damaging software viruses of 2004 are proving adept at eluding authorities, security experts say.
Tracking virus writers -- and more importantly, gathering evidence against them -- is a thorny problem for law enforcement agencies worldwide. While the number of arrests made and sentences handed down make 2004 the best year yet for catching cyber criminals, it won't have a no......
[more] Netsky Takes The Biggest Worm Of 2004 Award Although getting anti-virus vendors to agree is like getting Bill O'Reilly and Michael Moore to share a cab, it seems Netsky has the dubious honor of taking the top spot of most 2004 threat rankings.
According to Helsinki-based security firm F-Secure, Netsky.p, a variation that debuted in March 2004, was the most common piece of malicious code in the wild, accounting for nearly one in four (24.3 percent) viruses or worms. Four other Netsky variants m......
[more] Access all areas Doubts about security have long discouraged many firms from deploying mobile computing. But wireless technology has moved on When many companies find it hard enough to control the IT use of office-based employees, how do you convince them that giving staff remote access is a good idea?
This is the dilemma that faces all notebook, wireless networking and remote-management software manufacturers and resellers. There are a lot of variables to consider. The process of providing a m......
[more] Microsoft virus clean-up tool sparks controversy Microsoft debuts a malicious software removal tool today. It represents the first tangible fruits of Microsoft's June 2003 acquisition of Romanian anti-virus firm GeCAD Software.
The Microsoft Windows malicious software removal tool consolidates utilities released by Microsoft to remove viruses such as Blaster from infected systems. This clean up tool will be made available through Windows Update or as a separate download and updated on the seco......
[more] Microsoft to become security outfit by next month An analyst at corporate crystal ball gazers, JP Morgan, is predicting that the Mighty Microsoft will penetrate the anti-virus market by February 15th.
Adam Holt says that he sees Supreme Vole Bill Gates standing before a large group of people showing them his latest big offering.
It looks like it might be the RSA Security conference in San Francisco on February 15, where Gates is down as the guest speaker.
Holt didn't say if he saw people app......
[more] Fathers 4 Justice deny internet virus Potentially harmful computer viruses that purport to come from the controversial campaign group Fathers 4 Justice have been unleashed on the internet.
The rogue programs place a link to the organisation's website on the desktop before e-mailing copies to everyone in the owner's address book. They also try to disable the keyboard and mouse and shut down the hard drive.
Sophos, a computer security company that identified the viruses, said they were not yet......
[more] Virus disguised as Saddam Hussein death photographs, Sophos reports Anti-virus experts at Sophos have warned computer users that a worm is spreading posing as photographic evidence that Saddam Hussein has been killed following an attempted escape bid from custody.
The W32/Bobax-H worm is designed to create zombie networks of innocent third-party PCs for spammers to spread junk email from. The worm spreads both via email and using a Microsoft security vulnerability previously exploited by the i......
[more] Avoid the Valentine virus onslaught Lovelorn surfers need to be on their guard over the next few days as virus authors turn romantic in an attempt to infect computers.
According to anti-virus experts, Valentine's Day is a subject most often used by the creators of nasty email viruses to wreak havoc and infiltrate Inboxes.
As Valentine's Day approaches – Monday 14 - Sophos has already discovered two new viruses that bring loving greetings via email attachments and peer-to-peer networks.
The......
[more] Clarke joins latest cyberterror debate Proposals for a World Security Organisation to tackle cyberterrorism continue to alarm experts, including former White House cybersecurity chief Richard Clarke Richard Clarke, the former White House cyber security advisor, has criticised a UK company for using the term "cyberterrorism".
DK Matai, chairman of security consultancy company mi2g, put forward proposals to the Oxford University Internet Institute on Thursday night for a World Security Organisati......
[more] Patch now against virus-writing clowns F-Secure yesterday urged users of its anti-virus products to apply security patches following the discovery of a potentially serious security vulnerability in 18 of its products. The security bug - unearthed by security researchers at ISS - involves flaws in the processing of ARJ archive files by an antivirus library that give rise to possible buffer overflow attacks. Desktop, server (Linux and Windows) and gateway versions of F-Secure's security products all......
[more] Microsoft acquisition adds to anti-virus, anti-spam arsenal Microsoft last week made another acquisition to strengthen its anti-virus and anti-spam strategy and signal corporate customers that it plans to increase protection for desktops and servers.
The question now is how will Microsoft pull together all the disparate technology it has acquired and been developing over the past 18 months? Microsoft bought anti-virus and anti-spam vendor Sybari Software for an undisclosed sum last week, addi......
[more] F-Secure Grew Faster Than All The Other Antivirus Vendors On The Market F-Secure is again the fastest growing antivirus company in the world with an antivirus and intrusion prevention revenue growth rate of 50% for the whole year of 2004 F-Secure has again proven to be the fastest of the AV companies: fastest in growth, and fastest in responding to new viruses and threats. The reliability of the company's protection service is being matched by sustained financial performance with revenues of 12......
[more] New version of MyDoom virus begins its rounds A new version of MyDoom is being reported by antivirus companies.
Vendors rate the threat as medium. Although it is similar to previous versions, at least one of the reasons for its relative success is the message which is written in plain English and not punctuated with mistakes and poor grammar.
The message suggests that the recipient's email address is being used to send spam and that an attached file contains instructions on how to deal with t......
[more] UK gets official virus alert site A rapid alerting service that tells home computer users about serious internet security problems is being launched by the UK government. The service, IT Safe, will issue warnings about damaging viruses, software vulnerabilities and weaknesses on devices such as mobile phones.
Alerts tell people how the threats affect them and what they can do to avoid trouble and protect themselves.
The service will be free and those who sign up can get e-mail or text alert......
[more] Home Office in drive to stamp out botnets The Home Office has launched a high-profile campaign to secure the internet against hacking groups using networks of infected computers to launch worm, spam and denial of service attacks against critical businesses and services. The campaign, which features a website and an alert service to help non-IT specialists protect their computer systems, is designed to plug one of the weakest links in security on the internet: home and small business PCs.
Over t......
[more] Anti-virus expert claims spyware does not exist Reports of spyware's life have been greatly exaggerated, according to anti-virus expert Eugene Kaspersky. Kaspersky, head of his self-titled company, claimed spyware has been around for years, and recent scare stories are simply the result of marketing men profiteering.
"The term spyware is basically a marketing gimmick," said Kaspersky on the company weblog. "Just to separate new ersatz-security products from traditional ones, just to push almos......
[more] F-Secure gets to the root of the problem New tool to ward off latest computer threat The latest threat to computer users can be invisible to conventional anti-virus and anti-spyware solutions.
This was the stark warning from security company, F-Secure as it launched a free tool that will search out the menaces known as Rootkit attacks that the company said have the potential to become a major problem.
A Rootkit is 'stealth' software that can hide malicious programs, such as viruses, Trojans, s......
[more] CyberGuard snags anti-spam outfit Zix for $3.6m Security firm CyberGuard has bought the anti-spam, anti-virus and URL filtering business of Zix Corporation for $3.6m in cash. The deal - announced Monday, 14 March and approved by the boards of directors of the two companies - will see Zix's Web Inspector and Message Inspector products moved over to CyberGuard's portfolio.
The acquisition will give CyberGuard the opportunity to sell its Webwasher products to Zix's 1,600 enterprise customers and......
[more] FTC hits anti-spyware scammers with ban A Washington-based company has been accused of providing anti-spyware software that allows spyware in. SpywareAssassin has been shut down by the Federal Trade Commission (FTC) after an investigation revealed the product did not actually work.
The FTC used SpywareAssassin on its own clean systems, only to find that it still detected spyware.
"The pop-up that announces that consumers have spyware pops up automatically, even when the computer is clean and......
[more] Why power plants need anti-virus Utility companies are being urged to review cyber security risks as the industry moves over from proprietary technologies to cheaper Windows-based systems. Attendees at an Industrial Cyber Security Conference in London on Tuesday 15 March were told that the control systems of utilities are becoming open to the kinds of attacks that bedevil corporate systems, such as computer worms and DDoS attacks, as power and water companies embrace the net.
What's the evidenc......
[more] The strange decline of computer worms Computer worms are becoming less commonplace as virus writers diversify their malware spreading tactics to create the maximum effect for the least possible effort. Email-borne worms, such as NetSky, Bagle and Sober, remain perennial favourites with malware authors but Slammer-style worms are becoming rarer, according to anti-virus firm F-Secure.
Mikko Hyppönen, director of anti-virus research at F-Secure, said that with the single exception of the Santy wo......
[more] Hackers Write Spyware For Cash, Not Fame More than 70% of virus writers are now writing spyware under contract, one more piece of evidence that hacking has evolved from mischievous hobby to money-making criminal venture. More than 70 percent of virus writers are now writing spyware under contract, one more piece of evidence that hacking has evolved from mischievous hobby to money-making criminal venture, a security firm reported Monday.
Tel Aviv-based Aladdin Systems said its analysis showed t......
[more] Sophos Reveals Latest 'Dirty Dozen' Spam Producing Countries Sophos, a global leader in network security, today published the results of its research on the top twelve spam producing countries. Researchers from SophosLabs(TM), Sophos's global network of virus and spam analysis centers, examined all spam messages received at its global network of spam traps from January 2005 through March 2005. Based on the analysis, experts found that the United States topped the Dirty Dozen chart once again, e......
[more] E-mail scam directs users to bogus Windows update An e-mail scam making its way around the Internet purports to be a message from Microsoft warning users of the Windows operating system that they need to download a security update -- only to leave their PC infected.
Once users link from the e-mail to a bogus Web site their computers will be infected by a "Trojan horse'' program that allows hackers to control their personal computers, anti-virus software maker Sophos said Friday.
The campaign......
[more] New Spam Scam Exploits Pope's Death A new spam campaign is exploiting people's interest in and grief over the death of Pope John Paul II. The spam claims to offer readers a free collection of books written by the late pope. The email tells users to click on a link to receive the gift, but the link actually takes them to a Web site offering ''free money-making advice''. ''This is absolutely slimy,'' says Carole Theriault, a security consultant with Sophos, Inc., an anti-virus and anti-spam compa......
[more] Mozilla spam fools the net savvy A new spam campaign, making use of browser incompatibility, is fooling users into downloading a virus. The spam appears as a message telling the recipient that their website is incompatible with Mozilla-based browsers and asks the reader to fix the "problem".
"The email arrives with an attachment, supposedly a screenshot, so that the recipient can examine the problem," said Roel Schouwenberg, senior research engineer at Russian anti-virus firm Kaspersky on its......
[more] Save us from spam The majority of UK consumers and small businesses are yet to deploy anti-spam filters. A poll of UK residential email users and SMEs published Monday found 57 per cent have no anti-spam filtering installed, leaving them unprotected from spam, key logging and phishing attacks. Four in five consumers (82 per cent) have anti-virus protection, predominantly desktop scanners.
Most consumers (60 per cent) polled in the survey from email filtering outfit Checkbridge reckon that thei......
[more] The Web, not email, poses the biggest security threat to systems To most companies, the perception is that the biggest threat to their users’ security continues to come from email and Spam. In today’s world, corporate communications systems are totally reliant on giving their employees Web access and email to conduct their business. Take away access to email and the Web for most employees, and they’d claim their productivity would fall. So the focus today of most IT security vendors and corpora......
[more] Blog at your own risk Blogs are getting popular with hackers too, so be careful whose blog you wander into Blog authors open up their lives to you on their web logs. But surf to the wrong blog, and you could be opening up your computer to a hacker.
A recent report by web security firm Websense warned that hackers are now using blog sites as gateways into computers of surfers who are tricked into clicking on a link to them.
These hacker-maintained websites contain malicious codes, such as Troja......
[more] Unpatched machines 'Net's biggest threat' Most Internet-connected computers don't have up-to-date software with the latest security holes patched, and this is fuelling a rise in cybercrime, according to McAfee Unpatched computers continue to represent the IT world's biggest security problem, keeping threats that target software vulnerabilities at the top of McAfee's latest industry analysis.
In its report covering security threats during the first quarter, McAfee's Anti-virus and Vulnerability......
[more] Sophos announces new "Tiger" version of their leading Mac OS X anti-virus solution New version of Sophos Anti-Virus provides centralised control for businesses upgrading to Mac OS X 10.4 Tiger Sophos, a world leader in protecting businesses from spam and viruses, today announced that Sophos Anti-Virus for Mac OS X has been extended to include support for the latest version of the Apple Macintosh operating system, Mac OS X 10.4 Tiger.
Ideal for multi-national organisations as well as small and m......
[more] Top ten viruses and hoaxes reported to Sophos in April 2005 Sophos, a world leader in protecting businesses against spam and viruses, has published a report revealing the top ten viruses and hoaxes causing problems for businesses around the world during the month of April 2005.
The report, compiled from Sophos's global network of monitoring stations, shows that Zafi-D, which first appeared at the end of 2004, continues its reign at the top of the list for the fifth month running, accounting fo......
[more] Aladdin Sees Dramatic Increase in Email Traffic with Outbreak of Win32.Sober.s Aladdin Knowledge Systems Ltd. today announced that its Content Security Response Team (CSRT) identifies the new Win32.Sober.s worm as a medium to high risk for corporate networks worldwide. Aladdin eSafe customers are proactively protected without a need for signature updates.
Win32.Sober.s is a mass-mailing worm that continues to quickly infect computers throughout the United States and Germany by disguising itsel......
[more] Biggest security holes revealed Media players and anti-virus programs have been named in a list of the most pressing security problems. Drawn up by non-profit security group Sans, the Top 20 names the software most in need of fixing to avoid attack by malicious hackers.
Programs make it on to the list if they are widely used, the bugs widely known and are being actively exploited.
Vulnerabilities are being exploited so fast that Sans is issuing its Top 20 four times as often.
Faster threats......
[more] CyberGuard launches wireless security appliance for SMEs CyberGuard Corporation has announced a new all-in-one wireless workgroup security and data access appliance, the CyberGuard SG565, designed to secure the wireless and wired local area networks of small and medium-sized enterprises.
Unifying defences to combat blended threats via a single device combining firewall, intrusion prevention and gateway anti-virus is quickly becoming a requirement for small and medium-sized businesses. CyberGua......
[more] Cyberguard brings networking to small businesses Cyberguard is coming out with a box that tries to be the only networking equipment needed in small offices.
Called SG565 the device includes a firewall, VPN support, intrusion protection, anti-virus software, traffic shaping, a five-port Ethernet switch and two USB ports that can support a printer and external storage. In addition to all that, it also includes an 802.11b and g Wi-Fi access point.
A box like this could support a small business......
[more] Sober Virus Behind German Spam Barrage A new variant of the Sober mass-mailing worm is being blamed for the deluge of German spam messages flooding inboxes this weekend, anti-virus experts warned on Sunday.
The spam barrage arrives with politically-themed messages in German and contains only links to news articles on German Web sites. Finnish anti-virus vendor F-Secure Corp. said the spam run is being powered by Sober.Q, the latest mutant of a worm that was first spotted in October 2003.
The......
[more] No 'sorry' from Love Bug author Five years ago, a new "supervirus" hit the headlines. It had the two successful - but evil - elements: destructive virus coding coupled to an enticing title and the simple fact that it arrived from someone the recipient knew. The combination was virus dynamite.
Most viruses start slowly and then build power; "I Love You" hit the computer world like a bomb - anti-virus companies had not seen anything like it and while they struggled to contain the infection, copy......
[more] Save us from spam The majority of UK consumers and small businesses are yet to deploy anti-spam filters. A poll of UK residential email users and SMEs published Monday found 57 per cent have no anti-spam filtering installed, leaving them unprotected from spam, key logging and phishing attacks. Four in five consumers (82 per cent) have anti-virus protection, predominantly desktop scanners.
Most consumers (60 per cent) polled in the survey from email filtering outfit Checkbridge reckon that thei......
[more] eSafe 5 Targets 'Drive-By' Spyware Sites A new version of Aladdin Knowledge Systems Ltd.'s eSafe gateway security software promises to protect users from a host of Internet ills, including so-called drive-by download Web sites used to place spyware on vulnerable systems, the company said.
Aladdin, of Tel Aviv, Israel, announced the availability of eSafe 5 at the Information Security Decisions conference here Monday. The addition of anti-spyware features comes as companies are struggling to def......
[more] Aladdin Takes Home Two Industry Awards Aladdin Knowledge Systems, the worldwide leader in Software Digital Rights Management (DRM) and a leading innovator in enterprise content security and strong authentication solutions, today announced it received two significant industry awards in April, recognizing the Aladdin eToken authentication and password management solution and Aladdin eSafe, an integrated content security and anti-virus solution for gateways.
"Best Authentication Solution" - Aladd......
[more] Sophos Anti-Virus receives 28th Virus Bulletin 100% award Sophos, a world leader in protecting businesses against viruses and spam, today announced that Sophos Anti-Virus has been awarded the VB 100% award in the June 2005 edition of Virus Bulletin. This is the 28th time Sophos Anti-Virus has won a VB 100% award, confirming its position as one of the most powerful virus protection products available.
Virus Bulletin tested 28 different anti-virus products for their detection rates, lack of fal......
[more] New Symbian malware pretending to be F-Secure Anti-Virus F-Secure reported that they received a sample of new Symbian trojan Skulls.L that pretends to be a pirate copied version of F-Secure Mobile Anti-Virus. Skulls.L is a minor modification of Skulls.C trojan, about the only differences are that Skulls.L is named the same as F-Secure Mobile Anti-Virus installation package, and that the trojan shows dialog text "F-Secure Antivirus protect you against the virus. And don`t forget to update this!"......
[more] Britney Spears Most Popular Hacker Alias A computer software company says pop music star Britney Spears’ name is used more often by “Spammers” than any other moniker.
Officials say those mass e-mails usually contain damaging viruses.
Panda Software says most virus creators employ good-looking women celebrities or other famous names to send their infected messages. Names often used include Spears, Paris Hilton, Bill Gates, and Osama Bin Laden.
A recent ploy used to pass along various infec......
[more] CyberGuard targets small business with $750 U appliance CyberGuard Corp, a company that has made its name as a supplier of firewalls to big business and the defense sector, is to target small companies with a $750 all-in-one security appliance. Last month the company announced plans for an 'all in one' appliance for small businesses and branch offices later this summer. That unit, the SG565 was described as an $859 appliance that includes firewall and VPN features, anti-virus and intrusion preve......
[more] CyberGuard Raises the Bar for Web Filtering Security with Triple Anti-Virus Engines for its Webwasher Content Security Suite New Webwasher CSM 5.2 Version Includes One-Click Lockdown Feature to Keep Businesses Under Heavy Attack Running and Integrated Identity Theft Protection CyberGuard Corporation, a global provider of security solutions that protect the critical components of the largest and most complex information networks for Global 2000 enterprises and government organizations, today anno......
[more] Fake Microsoft security alert includes Trojan patch A new wave of spam that disguises itself as a Microsoft security bulletin contains a link to malicious software that gives attackers complete access to the infected machine, security researchers are reporting.
The e-mail, which began circulating late Tuesday, identifies itself as Microsoft Security Bulletin MS05-039, and offers a link to what it claims is a patch against the Sober Zafi and Mytob worms.
In fact, there is no such thing as Mi......
[more] Today's Hackers Code for Cash, Not Chaos As volunteer director of the SANS Institute's Internet Storm Center, Marcus Sachs has an eagle-eyed view of Internet security, tracking cyber-threats in real time and raising awareness when malicious hackers launch attacks.
Sachs also directs the Washington operations of the Cyber Security Research and Development Center, which is operated by SRI International's Computer Science Laboratory under a contract with the U.S. Department of Homeland Security.......
[more] Malware authors up the ante Malware authors have increased both the volume and sophistication of their attacks over the last six months. In the first half of 2005 anti-virus firm Sophos detected and protected against 7,944 new viruses - up 59 per cent from the first six months of 2004. The number of keylogging Trojans has tripled in the first six months of 2005 compared to the first half of 2004.
More computer viruses and worms mean an unprotected Windows PC (without either firewall or antivir......
[more] Microsoft rewards Sasser informants $250,000 Two people who pointed the finger of blame at Sven Jaschan, the 19-year-old author of the Sasser internet worm, are to be rewarded $250,000 by Microsoft for helping the company and law enforcement track down the creator of one of history’s most disruptive viruses.
Announcing the decision on Friday, the software colossus refused to identify the duo, but said “certain individuals” will now share the bounty put up by the company, Interpol, the FBI and......
[more] $250K reward for Sasser virus informants The two people who helped identify the creator of the infamous Sasser worm in 2004 will share a reward of $250,000, Microsoft confirmed Friday. News of the payment under the software giant's Anti Virus Reward Program comes after a German court sentenced Sven Jaschan, 19, self-confessed author of Sasser to 21 months probation and a community service order following his conviction on computer sabotage offences.
Sasser is a network aware worm that exploite......
[more] Sophos Introduces ZombieAlert Identifies 'zombie' computers on an organization's network; notifies customers if their IP addresses are listed in public Domain Name Server Blackhole Lists. Sophos, a developer of anti-virus and anti-spam software, today announced the availability of Sophos ZombieAlert, a new alert service that identifies 'zombie' computers on an organization's network.
Zombie computers are infected machines that give control to unauthorized and remote users, allowing them to send......
[more] Sophos Anti-Virus Certified to Detect 100 per cent of Spyware in Checkmark Leading independent testing body awards Sophos Anti-Virus with spyware certification Independent research and test centre West Coast Labs has announced that Sophos Anti-Virus for Windows XP has been awarded the certification Checkmark for detecting 100 per cent of the spyware in their rigorous tests.
The certification confirms Sophos's expertise in protecting businesses against the spyware threats and joins existing aw......
[more] E-Greetings Pose Security Risk Cyber criminals are increasingly using e-greetings to lure consumers into clicking on links that download malicious code into their computers, a security expert said Tuesday.
Over the last three months, Internet security vendor SurfControl Plc has tracked a 30 percent jump in malicious e-mai......
[more] Global Banking Leader Selects CyberGuard to Secure Worldwide Operations Financial Institution Selects Webwasher Content Security Management Suite for Comprehensive Anti-Virus Protection CyberGuard Corporation, a global provider of security solutions that protect the business-critical information assets of Global 2000 enterprises and government organizations, today announced that one of the world's leading financial firms will standardize its global content security operations on CyberGuard's Web......
[more] Japanese bank accounts raided by spyware Experts at Sophos are advising computer users to ensure their anti-virus products can also protect against spyware after the reported theft of $84,000 (9.4 million yen) from nine Japanese bank accounts.
According to reports, the money has been illegally withdrawn from nine accounts at three different banks, because of a spyware infection.
Terunobu Maeda, chairman of the Japanese Bankers Association and president and CEO of Mizuho Financial Group, said......
[more] 95% want anti-virus companies to block spyware, reveals Sophos poll A web poll of more than 1000 business PC users, conducted by Sophos, has revealed that 95% think anti-virus companies should protect computers from spyware.
Spyware, a computer program that sends information from a computer to a third party without the user's permission or knowledge, is a growing underground industry. Every month, Sophos analyses about 500 samples of code that attempts to give remote users unauthorised access......
[more] Virus Writer Targets AV Vendors A virus writer released malicious code that ridicules anti-virus vendors and the Sasser worm author. A virus writer apparently seeking notoriety instead of financial gain has released malicious code that ridicules anti-virus vendors and Sasser worm author Sven Jaschan, a security firm said Friday.
The Lebreat-D virus, which is rated a low threat, creates in infected computers a JPEG image file of Jaschan, a German teenager recently convicted of authoring the wide......
[more] Hasta la Vista, baby Virus writers have created proof of concept viruses targeting the scripting language behind prototype versions of Vista, the next version of Windows. An Austrian virus writer has published five simple viruses targeting Microsoft Command Shell (MSH), the command line interface and scripting language, in a virus writing magazine. None of these pieces of malware have been named as yet.
As MSH (codenamed 'Monad') is scheduled to ship as the default shell for Windows Vista (whi......
[more] Security Firm Warns of IM Worm Less than a week after sounding the warning bell regarding a barrage of threats coming through public Instant Messaging (IM) clients, Akonix Security Center said it has discovered another bug.
The latest IM spyware worm, named Chode-D, is moving rapidly over leading public IM networks, the security center said. The worm has been classified as a "medium risk."
The firm said it is using its IM malware, SPIM and protocol update system, which automatically push......
[more] Worm wears iTunes guise The latest incarnation of the Opanki worm, which spreads itself using AOL Instant Messenger, has begun targeting iTunes users.
The worm appears as a message headed 'this picture never gets old' and carries as a payload a link to a file called itunes.exe. Anyone who clicks on the link to download the Apple app receives the worm, which modifies Windows to ensure it runs whenever the host machine is restarted, and downloads a set of four adware programs.
According to anti......
[more] Crossbeam nets $20M as sector blooms Crossbeam Systems Inc. quietly raised $20 million in venture capital last month, by far the largest round this year in Massachusetts' burgeoning network-security sector.
A rapid increase in the number of security applications has led to swift growth at Crossbeam. The company -- which had $10 million in revenue in the second quarter and is on pace for at least $50 million in sales this year -- has doubled sales every year, according to Crossbeam CEO Peter G......
[more] Windows 2000 bug starts virus war A war has broken out between hackers behind viruses that exploit a recently discovered loophole in Windows 2000. The viruses written by the competing hacker groups are fighting it out for supremacy on infected machines.
Some of the variants seek out and delete rival viruses they find on machines they manage to penetrate.
The slew of malicious programs exploiting the loophole caused trouble for many organisations early this week as the bugs began infecting c......
[more] Secure Computing buys CyberGuard for $295m Secure Computing is buying rival CyberGuard for $295 million.
Secure Computing expects to see revenue jump from $110 million per year to $200 million, said Mike Gallagher, senior vice president of product development. The company has warned of product changes and lay-offs.
"There is overlap in some assets," said Gallagher, pointing out that Secure Computing's G2 Sidewinder firewall competes directly with CyberGuard's Total Stream Protection line of f......
[more] ID theft spyware scam uncovered Thousands of computer users have been caught out by a huge ID theft ring. Security firm Sunbelt Software said it stumbled across a US-based server storing megabytes of data stolen from compromised computers while researching spyware infections.
The server held passwords for online accounts from 50 banks, Ebay and Paypal logins, hundreds of credit card numbers and reams of personal data.
The FBI has reportedly now started investigating the ring of ID thieves.......
[more] F-Secure Adds Behavioral Analysis to Enterprise Antivirus Software "Antivirus vendors are helping customers to tackle unintentional employee errors by developing security lock-down and admission control features, such as Internet quarantine in F-Secure Anti-Virus Client Security 6.0," said Thomas Raschke, an analyst at research firm IDC. F-Secure has launched a new version of the company's antivirus software, called Anti-Virus Client Security, that integrates spyware and spam protection with po......
[more] Sophos joins Anti-Spyware Coalition to help protect businesses from growing threat Sophos, a world leader in protecting businesses against viruses, spyware and spam, has today announced its membership of the Anti-Spyware Coalition (ASC). Sophos joins an alliance of technology companies and public interest groups whose mission is to create a consensus regarding spyware definitions, along with best practice in the debate surrounding spyware and other potentially unwanted software.
Protection fr......
[more] Bot herder websites in internet take-down Bot herder websites that specialise in dumbing down the process of managing zombie networks of compromised Windows PCs are under attack. High profile bot sites such as ryan1918.com and 0x90-team.com have disappeared, reports anti-virus firm F-Secure. Another such site, known as "Neo, The One" (neo-theone.com.ar), which was hosted in Argentina, went offline on Friday (9 September).
Authorities are clearly turning up the heat on such sites, but the figh......
[more] Zombie bots clog internal networks A significant chunk (12 per cent) of all scanning attacks found on a broadband service provider's network are launched from the machines of its own subscribers. That's according to a study by traffic management firm Sandvine, which says its findings dispel the idea that broadband security involves only policing the borders between external and internal networks. Subscribers need to be protected from each other as well as external malicious hosts, it concludes.......
[more] Sophos joins drive to cure virus-naming confusion Sophos has announced that it has joined the editorial board for the Common Malware Enumeration (CME) initiative, an industry group whose aim is to provide unique, common identifiers to new malware threats.
The CME initiative aims to mitigate c......
[more] F-Secure brings increased levels of protection and anti-virus support to Windows Mobile users F-Secure has announced it is to extend support for its F-Secure Mobile Anti-Virus to Microsoft’s Windows Mobile operating system. The solution brings new levels of protection for Windows Mobile users. Symbian Series 80 users will also get a new product called F-Secure Mobile Security, which contains a mobile firewall alongside anti-virus functionality.
With this latest release now in place, F-Secure M......
[more] Anti-spam user authentication is 'worse than useless' Claims that user authentication schemes will reduce spam are not just wrong but "wrongheaded", a security researcher warned on Friday.
User authentication schemes such as SPF (Sender Policy Framework) and Sender ID check if machines are allowed to send email from a claimed domain - a kind of caller line identification. But "this doesn't tell you who the actual sender was or the spaminess of a message," Ni......
[more] Microsoft security plan starts with anti-virus Company pushes into anti-virus market with Microsoft Client Protection Microsoft sketched its security road map last week, detailing new products while avoiding talk of ship dates.
Microsoft CEO Steve Ballmer and Mike Nash, vice president of Microsoft's security business and technology unit, held their press conference in Germany, unveiling an anti-virus product for businesses called Microsoft Client Protection, an anti-virus tool for Exchange, and......
[more] Worm spoofs Google on infected PCs Virus writers have developed a worm that spoofs the behaviour of internet search engine Google, varying the results displayed to suit the requirements of hackers.
P2Load-A modifies the HOSTS file on infected PCs by replacing the original with a file downloaded from a remote website under the control of hackers. When users run a search, the results are normally shown correctly - but sponsored links are different. For some searches, other links appear which hav......
[more] October breaks malware production records October saw the biggest increase in virus numbers since anti-virus firm Sophos began tracking outbreaks in 1988. The security vendor now identifies and protects against a total of 112,142 viruses, an increase of 1,685 on September.
Rather than creating new viral strains, the bad guys are churning out multiple new variants of popular backdoor programs such as Agobot, SdBOt, various Trojan downloaders and the like. Anti-virus firm F-Secure notes that man......
[more] P2P Attacks Up; IM Hits Down IM security solutions provider Akonix Systems said its research team tracked 22 new attacks on Peer-to-Peer networks in October, a 19 percent increase over September.
The attacks on networks such as eDonkey and Kazaa came at the same time the Akonix Security Center tracked a decrease in attacks on Instant Messaging networks during the same time frame.
Don Montgomery, vice president of marketing at Akonix Systems, said October marked the first month that P2P attac......
[more] Microsoft's AntiSpyware Rebranded 'Windows Defender' Microsoft Corp.'s Windows AntiSpyware technology has been renamed "Windows Defender" and has been expanded to detect and remove rootkits, keystroke loggers and other forms of malware.
The revamped application will be bundled into the Windows Vista operating system, but users will be free to choose a competing spyware protection product from a redesigned Windows Security Center.
Jason Garms, group program manager for Microsoft's anti-malware......
[more] Mobile Trojan distributes pirate anti-virus software A Trojan horse discovered on Tuesday includes a fully working -- but pirate -- copy of an anti-virus application called ExoVirusStop by exoSyphen Studios. Mobile phone malware is often disguised as a security application in order to dupe the user into installing it. However, the latest version of Doomboot, which attacks the Symbian platform, is the first to contain a fully working copy of an anti-virus application, according to Jarno Niemela,......
[more] Sophos Anti-Virus wins its 30th Virus Bulletin 100% award Sophos, a world leader in protecting businesses against viruses, spyware and spam, today announced that Sophos Anti-Virus has been awarded the VB 100% award by Virus Bulletin magazine. This is the 30th time Sophos Anti-Virus has won a VB 100% award, confirming its position as one of the most powerful virus protection products available.
Virus Bulletin tested 27 different anti-virus products for their detection rates, lack of false alar......
[more] Sober Virus Clones Taunt AV Vendors A new batch of Sober virus clones has been spammed around the world to seed botnets for malicious use, anti-virus vendors warned Tuesday.
The appearance of the latest threat comes 24 hours after law enforcement authorities in Germany predicted the Sober mutants would appear as e-mail attachments in German or English.
According to F-Secure Corp., an anti-virus vendor based in Finland, at least four new versions of the virus have been detected. All are capabl......
[more] Hackers Change Course According to the SANS 2005 Top 20 list of the most critical Internet security vulnerabilities, application programs are the thing of hackers' dreams.
In particular, the SANS report noted that backup applications are being increasingly targeted and now hold the No. 1 spot on the "Vulnerabilities in Cross-Platform Applications" listing.
Alan Paller, director of research for the SANS Institute, said that the vulnerabilities mentioned in the top 20 report are widespread an......
[more] Sober Worm Hidden In Fake CIA E-Mails Remains Threat One in every 14 E-mail messages passing through the filters of U.K.-based Sophos carried the Sober payload, with the worm accounting for 85% of all malicious code detected. Sober.x, the year's biggest worm outbreak, showed little signs of slowing Monday, a security company reported.
One in every 14 e-mail messages passing through the filters of U.K.-based Sophos carried the Sober payload, with the worm accounting for 85 percent of all malici......
[more] Sober Tops November Virus Chart Security provider Sophos has revealed the top ten viruses affecting PCs around the world during the month of November 2005.
The report, compiled from Sophos' global network of monitoring stations, reveals that, despite being detected very late in the month, the Sober-Z worm has stormed to the top of the charts, and at its peak accounted for one in every 13 emails sent. The proliferation of Sober-Z has caused Netsky-P, the worm written by convicted German teenag......
[more] Steel firm seals IT flaws from attack Steel giant Foseco is updating its IT security management systems to protect intellectual property and guard against viruses, spyware and hackers.
The FTSE-listed firm has installed BigFix patch configuration and IT security management systems at its offices in the UK, Japan, Korea, India, Australia and South Africa, and plans to extend it further over the next few months.
The BigFix technology automates the process of patching security vulnerabilities in......
[more] F-Secure buys Finnish appliance vendor Finnish security vendor F-Secure has acquired network monitoring appliance vendor ROMmon. The deal will give F-Secure a new device to add to its line of security products for ISPs.
ROMmon's product has been renamed F-Secure Network Control Appliance, and will eventually be integrated into new security products for ISPs, said Mikko Hypponen, director of anti-virus research with F-Secure.
"The strength of the device is that it's really capable of operating......
[more] Virus honey-pots to immunise the web Researchers claim that 'cure information' can be spread faster than the virus itself Researchers at Tel Aviv University have published a plan to rid the internet of viruses using a network of automated virus clean-up systems.
The plan centres on a network of so-called 'honey-pot' computers, which are designed to look like unpatched PCs.
These PCs attract viruses and automatically work out a viral signature file and start to distribute the cure immediately.......
[more] Rootkits storm malware chart The most common rootkit is a spyware application known as Apropos, according to data collected by security experts at F-Secure.
Apropos is a spyware application that collects data on a user's browsing habits and system information and sends that back to the application's creators. It is also capable of recording keystrokes, launching a denial of service attack and can download and install additional software on an infected computer.
Rootkits have become a main......
[more] Sober worm plans 5 January attack Security outfit iDefense is reporting that the next Sober worm attack will take place on 5 January - the 87th anniversary of the founding of the Nazi party.
The information has been gleaned from breaking encrypted code in the latest version of Sober which dominated the November anti-virus ratings. According to iDefense, "the November 22 variant is designed to download an unknown payload of code on January 5, 2006".
As we reported last month, Sober accounted f......
[more] Microsoft ‘fuming’ after Dasher-B exploits old Windows flaw Microsoft has been “left fuming” after security experts warned of new malware that successfully exploits a Windows flaw that the Redmond firm first identified over two months ago, a security expert claimed. The Dasher-B worm exploits a vulnerability in Microsoft Windows Distributed Transaction Coordinator (MSDTC), first announced by the computer giant in October. The worm opens a backdoor on vulnerable computers and causes them to conne......
[more] Aladdin eSafe and eToken Named Finalists in Five Categories for 2006 SC Magazine Awards Aladdin Knowledge Systems, the worldwide leader in Software Digital Rights Management (DRM) and USB-based authentication solutions, and a leading innovator in enterprise secure content management, today announced that it has been named a finalist for five of SC Magazine's 2006 award categories in the United States, including:
Best Anti-Virus Solution
Best Anti-Trojan Solution
Best Anti-Worm Solution
Best Int......
[more] Microsoft Confirms Windows Flaw The software giant admits to a security breach to its Windows operating system and offers ways for consumers to steer clear of problems At a time when most people are enjoying a holiday break, computer security experts are on high alert. On Wednesday, Microsoft confirmed that it is investigating a new security vulnerability in the Windows graphics-rendering engine—the part of Windows that turns code into pictures.
Attackers can take control of a Windows PC by lu......
[more] Aladdin eSafe Gateway Solution Protects Against New WMF Exploit Aladdin Knowledge Systems Ltd., a provider of security solutions, announced that its Aladdin eSafe integrated content security and anti-virus suite proactively protects organizations from the recently discovered WMF (Windows Meta File) exploit (MS05-053).
The primary attack vector for WMF comes from manipulated Web-based images and pop-ups that download spyware and Trojans, as a result conventional content security solutions are u......
[more] F-Secure Anti-Virus Client Security wins prestigious InfoWorld-award F-Secure Anti-Virus Client Security 6 won the prestigious InfoWorld Best Anti-Spyware Solution award in their annual Technology of the Year Awards. The award is the latest addition to the long list of good reviews the product has received in European and US magazines.
"InfoWorld's Technology of the Year awards recognize the best solutions in the most important technology categories," said Doug Dineley, executive editor of the I......
[more] Nazi worm author prepares Net meltdown A security headache is brewing as the payload of various Sober worms is activated tonight.
According to security experts that broke the worm's encrypted code, 5 January 2006 is the date set for it to download code from various Web addresses on the Net. As such, at the stroke of midnight, the worm's author may or may not choose to turn on various websites and cause widespread problems across the Internet.
The date coincides with the 87th anniversary of......
[more] Microsoft WMF beta patch leaks onto Net Microsoft's patch for the Windows WMF flaw was "briefly and inadvertently" posted to a security website yesterday.
A spokeswoman refused to give exact details but noted that posting of the beta patch on the Internet has resulted in "some discussion and pointers on subsequent sites to the pre-release update". The company said that it "recommends that customers disregard the postings".
As for the critical unpatched flaw itself, users and analysts remain divi......
[more] Sober attack averted - for the moment The Sober worm has yet to launch its payload, despite it being several days since the worm was programmed to download unknown programs from a number of websites.
"There’s nothing going on with Sober," at the moment, said Joe Telafici, director of operations at McAfee's Anti-Virus Emergency Response Team (AVERT).
All of the websites that the last version of the Sober worm was programmed to reach out to and download malicious code from have already been disa......
[more] Dodgy anti-spyware firms to cough up $2m Two dodgy anti-spyware operators have agreed to cough up $2m to settle charges brought by the US Federal Trade Commission (FTC).
The US consumer watchdog alleged that Spyware Assassin and TrustSoft used email and pop-up ads to drive net users to their websites for a "free spyware scan". The "scans" revealed that spyware was present on computers even when they were clean and went on to flog anti-spyware software to concerned punters for up to $39.95 a th......
[more] WMF patch ignored by many The Windows metafile (WMF) vulnerability that forced Microsoft to hurry an out-of-cycle patch to the public is still a threat because many home users have not yet fixed their PCs, one security firm warned today. Mikko Hypponen, director of anti-virus research for F-Secure, said on the firm's website that it has discovered a phishing scam, run from a home PC somewhere in Illinois, designed to exploit the vulnerability.
"This scam works by sending out emails, urging cus......
[more] Sophos Spam Data Shows China Still High Unsolicited Bulk Email Producer Anti-spam and anti-virus software company Sophos has published its latest report on the top twelve spam relaying countries for the last quarter of 2005. Sophos scanned all spam messages received in its global network of spam traps, and have revealed that although the United States still tops the chart, it has made significant reductions, and for the first time accounts for less than one quarter of all spam relayed. China ra......
[more] Two years after Gates prediction, spam still exists It has been two years since Microsoft's Bill Gates made the bold prediction that spam would be a "thing of the past," but the problem is still as bad as ever, according to new figures released. The research by anti-virus company Sophos found that the level of non-English spam has risen, with the vast majority now being relayed by "zombie" computers hijacked by trojan horses, worms and viruses under the control of hackers.
Sizeable increases a......
[more] Sex assault spam duping college students Security analysts at Sophos have warned of a new trojan sent to colleges in North America and the United Kingdom disguised as a plea to help authorities locate an alleged campus rapist. The Troj/Sinx-N trojan spams emails with a subject line of "CCTV still of Rapist," "Do you recognize this person?" or "Campus Student Raped," Sophos said Friday.
Users who click on the attached files, which claim to be photographs of the suspect, will launch malware onto......
[more] MS to omit anti-virus from Vista Microsoft will omit anti-virus protection in Vista, the next version of Windows, which it plans to ship late this year. As with previous versions of Windows dating back to Windows 2000 at least, Redmond is promoting Vista as a landmark improvement in Windows security.
Jim Allchin, co-president of Microsoft's platform products and services division, told reseller magazine CRN that safety and security, improved user experience, and mobility features will be key ad......
[more] Malware took a smaller bite in 2005 A year after reaching an all-time high, worldwide malware losses fell nearly 20 percent in 2005, an IT research and advisory firm said. Computer Economics, in a January summary of its "2005 Malware Report: The Impact of Malicious Code Attacks," said that, for the first time since 2002, the financial impact of virus attacks dropped from the previous year. Losses totaled an estimated $14.2 billion in 2005, compared to $17.5 billion the prior year.
The firm said......
[more] UK falls out of spam's 'dirty dozen' The US still tops the list of the spam-relaying countries, according to a report by Sophos, a provider of integrated threat management products. However, the US has made significant reductions and for the first time accounts for less than a quarter of all spam.
However, the UK has managed to slip out of the 'dirty dozen' - the top 12 spam-relaying nations. It is responsible for 1.6 percent of spam and now holds 14th position.
The report shows that the amou......
[more] Hacker Jailed For DDoS Attack That Affected Three Million Internet Users, Reports Sophos More than one third of Spanish computer users affected.
Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centres, have welcomed news that a hacker who stopped more than three million Spanish computer users from using the internet has been sentenced to two years in jail.
26-year-old Santiago Garrido used a computer worm to launch distributed denial-of-service (DDoS) attac......
[more] SurfControl addresses more than One Billion requests a day in growing demand for internet protection SurfControl, the world leading provider of Internet content protection, today announced it is managing one billion daily filtering requests from customers using the company's industry-leading content protection databases.
"Internet content protection is mission-critical functionality in a Web-enabled world," said Patricia Sueltz, SurfControl CEO. "Content protection is mainstream. You simply ca......
[more] F-secure Protects New Nokia Phones F-Secure and Nokia have announced that F-Secure Mobile Anti-Virus will be available through Nokia to the users of four recently announced devices based on S60 3rd Edition - Nokia N71, Nokia E60, Nokia E61 and Nokia E70.
For the Nokia N71, F-Secure Mobile Anti-Virus will be distributed on the memory card in the standard device sales package, while for the Nokia Eseries devices, the antivirus client will be available at Nokia Catalogs service.
F-Secure and N......
[more] Warning over Valentine's e-cards Valentine's Day could be a bonanza for malicious hackers, internet security experts are warning. Fake Valentine's e-cards and dodgy dating websites are among the tactics being used by fraudsters to relieve internet users of their money.
The government's Get Safe Online campaign is urging users to take care.
As well as e-cards harbouring viruses and spyware, the missives are being used for phishing, using fake links to get bank and credit card details.
Rogu......
[more] Sophos Makes First Foray into Email Appliances Anti-virus software vendor Sophos Plc is to take a first step into the appliance market with an email security device that guards against virus, spam and policy abuse. The new general-purpose ES4000 unit is said to be the first in a planned series of appliance launches, with separate versions targeted at the needs of small businesses and big business slated to follow. A combined web security and instant messaging appliance is also on the cards.
"Th......
[more] Aladdin eSafe Named Best Anti-Trojan Solution Receives the 2006 SC Magazine Award in the 'Best Anti-Trojan' category; the award stands as a prestigious honor within the information security industry. Aladdin Knowledge Systems, Ltd., a provider of software digital rights management (DRM) and enterprise security, yesterday announced that Aladdin eSafe, an integrated content security, spyware and virus protection solution for the Internet gateway, received the 2006 SC Magazine Award in the 'Best An......
[more] Olympic Torch virus exposed as a hoax Security experts have warned surfers not to fall for a new hoax spreading across the internet, posing as a warning of a non-existent virus. The Olympic Torch hoax warns email users to be wary of emails with the subject line "Invitation", and claims that it has been classified as "the most destructive virus ever".
The hoax claims that the "virus simply destroys the Zero Sector of the Hard Disc". IT security firm Sophos reported yesterday that it is receivi......
[more] Spammers adopt stealth tactics Botnet controllers are switching to stealth tactics in a bid to avoid detection. Instead of mass mail-outs of spam and malicious code, they are adopting slower distribution tactics in a bid to avoid appearing on corporate security radars.
UK-based web security firm BlackSpider Technologies reports that one huge botnet, responsible for issuing 50m identical spam emails per day, comprises at least 150,000 distinct IP addresses. The use of a large number of machin......
[more] Viruses plague British businesses Computer viruses are the single biggest cause of security problems for UK businesses, a survey by the Department of Trade and Industry shows. The study found almost 50% of the biggest security breaches suffered by companies in the last two years were due to infection by malicious programs. In some cases viruses crippled key systems such as e-mail for more than a day while companies cleaned up. It also found that the worst outbreaks can take up to 50 days to fix......
[more] Clagger-H Trojan spammed out as message from PayPal Beware warning that your PayPal account is "temporally limited" Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned users to be wary of emails claiming that their PayPal account has been "temporally limited", after a Trojan horse was spammed to internet users. Sophos's global network of monitoring stations have sighted many instances of the Trojan since it was first discovered on Fri......
[more] Small firms, growing security spending Smaller U.K. companies are preparing to "drastically" boost IT security spending as they move beyond anti-virus solutions to the deployment of firewall and intrusion-detection software to protect internet gateways. This finding emerged from the latest study by New York-based AMI-Partners. It predicts that security will be a greater budget priority as U.K. small and medium-sized businesses (SMEs) with one to 99 employees spend 10 percent more this year on IT......
[more] Viruses still main threat to UK firms Department of Trade and Industry survey finds that viruses are still causing headaches for enterprises Companies seeking to contain security incidents should concentrate on viruses, according to the Department of Trade and Industry's twice yearly Information Security Breaches survey. The telephone survey of 1,000 companies, led by PricewaterhouseCoopers LLP, fingers viruses as being the cause of over half of the worst security incidents hitting UK firms in t......
[more] Denial-of-service hacking soars Denial-of-service (DoS) attacks, where hackers overload networks with data in an effort to disable them, have risen 50%, a security report says. The biannual Symantec Threat Report said phishing, where fraudulent e-mails demand passwords from unwitting users, rose 39% in the last six months. Web security firm Symantec said the trend in cybercrime was towards subtle theft and away from attention-seeking. It said "crimeware", tailored to steal financial d......
[more] BBC Radio 4 investigates the people who defend companies against virus attack Listeners to BBC Radio 4 had a chance to hear behind-the-scenes at SophosLabs™, Sophos's global network of virus and spam analysis centers, in a documentary broadcast this morning. Reporter Quentin Cooper interviewed anti-virus experts, and victims of virus attacks such as the British CoastGuard who were hit by the prevalent Sasser worm in 2004. The documentary also charts the evolution of computer viruses from the flo......
[more] Milosevic murder trojan spreading rapidly An email purporting to contain proof that the recently deceased Yugoslav premier Slobodan Milosevic was murdered is being used to spread a malicious trojan, security watchers warned. According to BlackSpider Technologies, recipients are invited to open the email - subject line: Slobodan Milosevic was killed - and click on an attached image of Milosevic. When the image is opened, a trojan is downloaded to the PC. The security firm estimated that more......
[more] Friday, Sunday top spam reading days Friday isn't just the beginning of the weekend, it's also the peak day for opening spam email, Kaspersky Lab said today. Sunday sees the second-highest amount of mass-marketing emails opened, the anti-virus firm said. According to a survey conducted by email mass marketer ExactTarget, 92 percent of all emails - and 96 percent of all campaign emails - are sent during the workweek. However, while Sunday sees only three percent of all sent emails, links in t......
[more] SurfControl Enables Detection and Control Over Unauthorized Skype Implementations SurfControl, the world leader in Internet content protection, today announced its ability to detect and control unauthorized Skype usage on the corporate network. Skype is a subscription-based Internet client that enables users to make calls anywhere in the world at the cost of a local call. An amorphous application, Skype uses indiscernible encryption and is capable of working through virtually any network address......
[more] Double attack fires 650,000 trojan emails at U.K. firms A double virus attack hit U.K. businesses with an estimated 650,000 trojan-laden emails before antivirus vendors were able to issue a patch against the new malware, a security firm claimed yesterday. According to BlackSpider Technologies, the first attack happened on Monday at 10:45 a.m. The firm estimated that more than 455,000 emails containing the trojan Downloader.Win32.Agent.adu hit inboxes of U.K. businesses during a three-......
[more] Firms deluged by threat alerts Research says nearly a third of security professionals cannot deal with the amount of data generated by firewall, anti-virus and intrusion detection systems IT managers are finding it difficult to respond to security threats because they are bombarded with alerts, says research published this week. Nearly one third of IT security professionals cannot deal with the amount of data generated by firewall, anti-virus and intrusion detection systems, according to the stud......
[more] Crossbeam Debates Future Split In IT Security Industry Crossbeam Systems, the leader in unified threat management (UTM) for the world's largest networks, is exhibiting at Infosecurity Europe (Olympia, 25-27 April) on stand G901. On the stand, senior executives from Crossbeam will be discussing their predictions for the rise of information survivability as the key concern in IT security. Chris Hoff, chief security strategist at Crossbeam Systems, is delivering a seminar at Infosec entitled 'Embed......
[more] IT security more important to most U.K. businesses Three-quarters of U.K. businesses rate security as a high or very high priority for their senior management or board of directors, according to the latest government-sponsored survey of breaches in the U.K. released at Infosec London. The study, conducted by a consortium led by PricewaterhouseCoopers, found that British companies are spending more on information security controls than ever: on average four to five percent of their IT bu......
[more] Russian student convicted for running virus distribution websites Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have welcomed the sentencing of a man who not only created his own malware, but ran two websites distributing over 4000 different computer viruses. Sergey Kazachkov, a Russian science university student from Voronezh, was found guilty of making available thousands of pieces of malware via two virus exchange websites. He was also said to ha......
[more] New IM, email bot creates own p2p network Email and instant messenger users are being warned about a new bot in the wild that creates a peer-to-peer (p2p) network of infected host PCs. The "Nugache" worm is spreading as both an email attachment and on AOL and MSN instant messenger (IM) networks, according to a warning from Websense Security Labs. "The command and control channel that is used is unique, as the bot appears to connect to infected peers instead of a static list,"......
[more] Ancient worm runs riot at Infosec Infosec may have hosted a mass of secure wireless networks last week, but that didn't mean everything was secure. A quick review of the available wireless networks from Olympia's press office revealed very few open WLAN networks. However, while exhibiting at the show, security risk firm McAfee was able to detect various network connections that lacked any encryption, so maybe things weren't as rosy as we first suspected. Using its Network intrusion prevention prod......
[more] Zombie hacker pleads guilty to hospital infection A U.S. man has pleaded guilty to creating a zombie network of 50,000 computers to launch a devastating attack against a Seattle hospital. Twenty-year-old Christopher Maxwell pleaded guilty to charges that he launched an attack in January 2005 which struck hard at Northwest Hospital and Medical Center in Seattle. The attack is said to have shut down computers in the facility's intensive care unit and prevented doctors' pagers from working properly......
[more] Two years after author's arrest, Netsky worm still tops virus chart Author of Sasser and Netsky worm arrested 24 months ago, but malware still spreads Two years ago today, on 8 May 2004, a German teenager was arrested in connection with the widespread Sasser and Netsky worm outbreaks. 18-year-old Sven Jaschan of Waffensen, North Germany, wrote a series of worms which hit tens of millions of computers around the world. Experts at SophosLabs™, Sophos's global network of virus, spyware and spam an......
[more] Hacker's Work Plagues PCs Two Years After Arrest Named the worst worm of 2004 by some anti-virus firms, the Netsky worm is still the No. 1 reported virus in the world, according to Sophos. Its 18-year-old creator, meanwhile, got off lightly, with a suspended sentence and 30 hours of community service. Two years after the arrest of a noted hacker, his creation remains at the top of the virus charts, a security company said Wednesday, proving just how long an Internet affliction can last. May 8,......
[more] Dramatic rise in adware, malicious Trojans and spyware Spyware staged a significant counterattack during the first quarter of 2006, according to the latest State of Spyware report issued today by Webroot Software. A dramatic rise in the prevalence of adware combined with a significant increase in the most malicious types of Trojans and system monitors resulted in the highest consumer infection rates since the first quarter of 2005. According to the report, the first quarter of 2006 saw a 15 percent......
[more] Virus leaks power plant secrets for second time in four months Experts at SophosLabs, Sophos's global network of virus and spam analysis centers, have reminded companies of the importance of computer security after it was revealed that sensitive information about power plants has been leaked onto the internet from a virus-infected computer for the second time in less than four months. According to a Japanese media report, sensitive security information about a thermoelectric power plan......
[more] Killjoy Trojan deletes warez and smut Virus writers have created a Trojan that deletes illicit files from compromised Windows PCs in addition to harvesting data from infected machines. Erazer-A is spreading (albeit modestly) across P2P networks, where it poses as useful program files, or through chat programs. If executed, the malware scours folders used for P2P apps for AVI, MP3, MPEG, WMV, GIF, ZIP and other files. It then erases any porn, warez, music or any other matching file type found in P......
[more] Barclays offers free F-Secure AV software The bank has signed a deal with the antivirus vendor to provide protection to online customers Barclays Bank has announced it will offer F-Secure's basic antivirus package to online banking customers for two years, starting on Friday. Barclays will offer F-Secure Anti-Virus to its 1.6 million active online customers, and has actually bought more than 1.6 million. "We had to be flexible enough to offer all our customers protection, so we have ample li......
[more] Word hole to get urgent patch Microsoft plans to patch a newly discovered hole in Microsoft Word in its next monthly patch update, and may release a rare "out of cycle" patch to address the hole, a company spokesman said. Microsoft's Security Research Centre is analysing the previously unknown vulnerability, which affects Microsoft Word XP and Word 2003 and is already being linked to targeted Internet attacks on government agencies in the U.S. and European Union, as well as U.S. gover......
[more] New Cyber Security Study Shows Consumers Are Overconfident About Identifying Online Scams While 87 Percent of Consumers Polled Feel Confident They Can Recognise a Fake E-mail or Web Site, 61 Percent Could Not Identify a Legitimate E-mail A new cyber security study released today highlights the difference between perception and reality of US consumers' awareness of online scams and their actual online behavior. While 87 percent of consumers polled said they were confident they could recognize fra......
[more] Little action from Kama Sutra Worm To the delight of mouse-clickers around the globe, the so-called Kama Sutra Worm scored high marks on foreplay – but failed to deliver the knockout blow many security experts feared it would. Considerably fewer-than-expected cases of the file-destroying worm, which induces PC email recipients through promises of pornographic pictures and videos, have been reported since Friday's activation date, computer security experts said. Hundreds of thousands of machines......
[more] Sophos Anti-Virus wins its 32nd Virus Bulletin 100% award Sophos, a world leader in protecting businesses against viruses, spyware and spam, today announced that Sophos Anti-Virus has been awarded the VB 100% award by Virus Bulletin magazine. This is the 32nd time that Sophos Anti-Virus has won a prestigious VB 100% award, confirming its position as one of the most powerful virus protection products available. Virus Bulletin tested 27 different anti-virus products for their detection rates, lac......
[more] Yahoo quickly steps on e-mail worm Yahoo discovered a malicious software "worm" designed to burrow into its free e-mail service and has neutralized the threat, the US Internet search giant said. "Once we were aware of it we put a solution in place," said Kelly Podboy, a spokeswoman for the Mountain View, California, company. "It has been resolved. We don't know how many users were impacted, but we believe it was a very small fraction." An estimated 238 million people......
[more] Spammed Trojan claims Bush/Blair Middle East oil cover-up Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned of a Trojan horse that has been spammed out to email addresses disguised as a message claiming that George W Bush and Tony Blair are conspiring with oil companies to push up petrol prices. Other disguises being used by the hackers to distribute the Trojan horse include news reports that Osama Bin Laden has been killed or Michael Jackso......
[more] Worm lures victims with 'Naked World Cup' IT professionals, on the other hand, may want to be a little more vigilant, as a new e-mail worm is on the loose that preys on the intense worldwide interest in the international sporting event. Called Sixem-A, the worm began circulating earlier this week, and has just recently been blocked by anti-virus vendors. So far, the worm has been detected at only a handful of companies, but it is the first World Cup 2004 malware to target an English-speaking au......
[more] Bagle-KL email worm spreading via encrypted Zip file Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have announced the discovery of a new version of the Bagle worm spreading via email systems. The W32/Bagle-KL worm spreads as a Zip email attachment, encrypted with a password. The randomly generated numerical password is communicated to the recipient by embedding an image into the email. The worm spreads via email using a subject line randomly chosen......
[more] Met Police protects itself against spam The Metropolitan Police Service is upgrading its secure external gateway to cope with increasing volumes of spam. The upgrade will include procurement of a security solution to improve its email content filtering, anti-virus and anti-spam facilities for all Metropolitan Police Service (MPS) email addresses. The force needs to meet the demands of increasing email traffic and to provide a more resilient and secure interface with external networ......
[more] Nasty, Next-Gen Trojans Are Upon Us Banking Trojans are perhaps the most malicious form of malware today, with the express purpose of taking your money directly from your own bank account. Regardless of how much damage they may have done in the past, a new generation of banking Trojans is beginning to appear, and they're game for even more pilfering, according to at least one security researcher. Joe Stewart, senior security researcher at managed security firm LURHQ, detailed the evolution of t......
[more] Security vendor warns of porn-clicking browser Browsezilla, whose name and Lizard-like mascot are reminiscent of the open-source Mozilla browser products, claims to help surfers cover their tracks when visiting pornographic sites. It does not use browser history or save data to a cache, and it allows users to save their bookmarks on a remote server, according to the product's Web site. However, Browsezilla also secretly installs adware that boosts the page view counts on certain pornographic We......
[more] Hackers keep hacking because they can I had yet another computer journalist call me to ask if Vendor X's security solution was THE security product to solve all our security problems. I get a call or e-mail like this about once every two weeks. Usually they've read the vendor's own PR, another newspaper article, or even my own column touting a particular product. The typical conversation goes something like this: Journalist: "Hey, do you think Product A from Vendor X will solve all our sec......
[more] Word attack spammed out as malicious email attachment Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned of a Trojan horse that has been spammed out in large quantities to email users around the world. The WM97/Kukudro-A Trojan horse has been spammed out in email messages, which can have a variety of subject lines including "worth to see", "prices", "Hi", and "Hello". The body of the message reads as fo......
[more] Football union scores staff mobility goals The Professional Footballers' Association (PFA) plans to upgrade computer systems to enable staff to access email and other applications remotely. The trade union - which advises footballers in England and Wales - expects to replace Windows NT4 and Microsoft Exchange 5.5 servers with systems providing greater functionality to staff based in Manchester, London and Birmingham. By updating IT systems the PFA hopes to introduce remote working applications th......
[more] UK Consumers Wise Up To Internet Security Threats But Most Still Vulnerable To Online Scams Almost every UK consumer has taken steps to protect their computer from security threats, but most are failing to cover themselves against all online scams, according to new research from online shopping portal www.mutualpoints.com. 98% of 9,790 people surveyed in May said they had installed anti-virus software on their PCs, while 93% of the total sample had a firewall running. Just over four fifths (85.5%......
[more] Microsoft shuts down Windows 98 Microsoft is urging an estimated 70 million users of Windows 98 to upgrade as it ends support for the software. From 11 July, Microsoft will no longer help users over the phone with any problems they have with the ageing operating system. The firm will also stop providing security updates for Windows 98 from the same date. Support for the software was originally due to end in 2003, but was extended following customer protests. Shutting down Products affected by cl......
[more] Gary McKinnon: Inside the head of a super hacker Gary McKinnon faces extradition, and a lifetime in prison, for breaking into computers at the Pentagon and Nasa. He tells Geneviève Roberts how it all started as a harmless prank Gary McKinnon, accused of the "biggest military hack of all time" by US prosecutors, is sitting in his local, rolling a cigarette. Only his shredded fingernails betray the fear he has lived through in the past four years. In that time, his former addiction to h......
[more] Sophos to reduce IT security overheads by 25% at DaimlerChrysler DaimlerChrysler UK, which is responsible for the distribution, sales and marketing for Mercedes-Benz, Chrysler, smart, Mitsubishi Canter, Jeep and Dodge in the UK, has successfully protected the email traffic at its nationwide dealerships, using Sophos's new email security appliance and industry-leading anti-virus and anti-spam software. This move is set to substantially reduce administrator and network overheads - saving th......
[more] Exploit uses PowerPoint flaw in targeted attacks Microsoft PowerPoint users were warned this week about a new exploit that takes advantage of a zero-day flaw in the program to drop a malicious file onto a compromised computer. Symantec, which first warned PC users about the trojan, called PPDropper.B, on Wednesday, said in an advisory that the exploit had infected a low number of users. The flaw was not fixed in this month's Microsoft Patch Tuesday release, which contained seven new fixes. Dave......
[more] Trojans account for over half of malware Over 54 percent of the new malware in the second quarter of 2006 were trojans, according to new data. The research from anti-virus firm Panda Software showed an increase compared to the previous quarter, when they accounted for 47 percent of malware detected. At the same time, the number of worms continued to fall, marking less than 5 percent of the total. The company said the figures confirmed that trojans are being used by criminals for financial gain......
[more] Ransomware getting harder to decrypt Ransomware is becoming more complex and anti-virus companies are worried they may not be able to decrypt ransomed files, according to a new report. The report, Malware Evolution: April - June 2006, Hidden Wars by anti-virus company Kaspersky Labs, warned that ransomware authors are creating more sophisticated encryption algorithms in a bid to out-fox security companies and blackmail users and companies. Ransomware involves the use of malicious code to hijack u......
[more] GTA Expands Firewall Family with Gigabit Firewall Global Technology Associates, Inc., (GTA), today announced a high-powered firewall appliance, the GB-3000 Gigabit Firewall Appliance. The cost effective GB-3000 is designed for SME businesses with gigabit networks. The GB-3000 provides support for up to twelve network interfaces, ten of which can operate at speeds up to 1 gigabit per second. "Many SME businesses are moving to gigabit networks at their offices and the......
[more] SurfControl First to Detect Phishing Scam Targeting Microsoft Customers SurfControl, the global leader in Internet protection, is currently tracking an email phishing scam that appears to be a message from Microsoft. The email conveys that the user has won a prize from Microsoft that can be claimed by visiting the Microsoft "Resolution Centre" and filling out a small form. When clicking on the link included in the email, the user is taken to a malicious Web site that closely resembles......
[more] F-Secure grows steadily and profitably Total revenue increased by 35% to a record level of 19.8m F-Secure continues its successful growth strategy as the total revenue of the second quarter rose by 35% to a record 19.8 million euro. The operating profit increased by 88% to 2.8 million euro. The company is the clear global leader in offering the Security as a Service concept through Internet Service Providers. F-Secure has a 36% share of the European broadband ISP market and a 25% share of the Eur......
[more] Sophos Anti-Virus wins its 33rd Virus Bulletin 100% award Sophos, a world leader in protecting businesses against viruses, spyware and spam, today announced that Sophos Anti-Virus has been awarded the VB 100% award by Virus Bulletin magazine. This is the 33rd time that Sophos Anti-Virus has won a prestigious VB 100% award, confirming its position as one of the most powerful virus protection products available. Virus Bulletin tested eight different anti-virus products for their detection rates,......
[more] Skype teams up with McAfee Skype certifies McAfee Internet security suite 2006 Internet communications company Skype has certified McAfee's suite of anti-virus software. McAfee Internet Security Suite 2006, McAfee VirusScan 2006 and McAfee Personal Firewall 2006 have all met Skype's standards for security, quality and usability. The security collaboration will mean files sent using the Skype file transfer function will be easily scanned by McAfee products adding an extra layer of protection t......
[more] SurfControl First to Detect Malicious Application on Fake Skype Web Site SurfControl, the global leader in Internet protection, is currently tracking a new spyware threat that comes to users via an email written in Turkish and claiming to be from Skype, the popular voice over Internet protocol application. The body of the email encourages users to download the Skype application by clicking on an enclosed link. Upon clicking the link, users are taken to a site that appears to be the Turkish vers......
[more] Worms exploit critical MS06-040 Microsoft security vulnerability Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned computer users of malware that is exploiting a critical security vulnerability in Microsoft software. The W32/Cuebot-L and W32/Cuebot-M worms spread via AOL instant messenger, exploiting the vulnerability described in Microsoft's MS06-040 security bulletin. "Microsoft only issued a patch against the security hole used by th......
[more] IM News & Trends Watch This past week Google has updated its IM product, Google Talk with several new features. The file transfer feature, one of the most requested features by users, allows you to send unlimited files and folders through Google Talk. Google has placed no restriction on the file type or size. As you would expect the dismal feature allows you to leave a voicemail message when your Google Talk buddy isn't available. When users receive voicemail they are informed via an e-mail......
[more] Norwich pioneers free city wi-fi Norwich is pioneering a free wi-fi project which covers three sectors of the UK city and its centre. The £1.1m, 18-month pilot has been live for three weeks and is backed by the East of England Development Agency. Paul Adams, from Norfolk county council said: "It allows people to see the benefit of wireless technology." The city centre, county hall and educational establishments such as the university all have wi-fi access. Mr Adams, director of c......
[more] Vicky's sex partner graphic email points to malicious Trojan horse Experts at SophosLabs™ have warned that hackers are stealing the tricks used by image spammers to infect computer users with malicious code. Experts based in Sydney, one of Sophos's global network of virus, spyware and spam analysis centers, have discovered email messages are being sent to Australian computer users claiming to come from a young woman visiting the country. Unusually, the malicious emails contain no text, but an......
[more] Virus levels double in August Virus levels have doubled and account for 1.02 per cent of total emails sent, according to a survey conducted in August by SoftScan. Some 89 per cent of all viruses stopped were classified as phishing attempts. The percentage of phishing emails detected has increased dramatically in the last few months, but SoftScan believes this is as a result of improved or additional detection by anti-virus scanners rather than any real increas......
[more] Hackers Renew Windows 'MS06-040' Attacks An upswing in activity related to a potential Windows Server vulnerability dubbed with a most-dangerous label in early August has been detected by security companies and organizations. That earlier vulnerability came to light August 8, amid Microsoft's release of a dozen security bulletins. These included MS06-040, which patched a critical vulnerability in Windows' Server service. At the time, security analysts warned that the bug might be exploited by a......
[more] Trojans: worse than a virus When some of the most prolific viruses, such as Sobig and Lovebug, infected the world's computers, it was international news. The rise of the potentially more serious threat from trojans has been stealthier. Even though the number of trojans being created outnumbers new viruses by four to one, many computer users are unaware of the threat. Computer security experts say the authors of trojans are ruthlessly exploiting this ignorance. A trojan could be installed wh......
[more] Man admits blackmailing schoolgirls via webcam spyware Experts at SophosLabs have warned of hackers exploiting webcams to spy on children as a man pleads guilty to blackmailing schoolgirls. Adrian Ringland, from the British town of Ilkeston, Derbyshire, has admitted forcing schoolgirls to send him explicit pictures after he infected their computers with a Trojan horse. 36-year-old Ringland posed as a teenager called "Ant Jones" in a chatroom, in order to plant the malware onto girls' P......
[more] Microsoft's BrowserShield Shows Promise Microsoft wants to "save people," and a research project called BrowserShield is designed to do just that. Helen Wang and John Dunagan are in charge of the project, which offers "vulnerability-driven filtering of network data." "We basically intercept the Web page, inject our logic and transform the page that is eventually rendered on the browser," Wang explained to eWEEK's Ryan Naraine. "We're inserting our layer of code at run-time to mak......
[more] What's changed in the three years since SoBig spread? This Sunday marks an ominous anniversary for network administrators: the third anniversary of the cut-off date for the SoBig virus. SoBig is considered the first mass-mailing virus to cause widespread destruction to businesses on a global scale and was a trendsetter for viruses to come. Despite it being programmed to stop disseminating 36 months ago, some firms are still picking up copies of the virus, according to email security firm Message......
[more] IE Vulnerability Spreads To Email The VML exploit found earlier this week could prove to be a severe problem because it can take initiative without requiring any action on the part of the user. But so far Microsoft does not appear to be in a big rush to fix the problem. Microsoft has acknowledged reports from antivirus and anti-spyware vendors of the vulnerability in the Vector Markup Language (VML) used in Windows. For now, Microsoft has published a Security Advisory, which provides steps cu......
[more] Microsoft Rushes Patch for VML Exploit Sophos Labs now rates as "critical" a re-emerging exploit to Microsoft's Vector Markup Language (VML) library, which Microsoft now says it will try to patch before its original October 10 deadline, announced on Thursday. This comes as the SANS Group raises its InfoCon level officially to "yellow," "to emphasize the need to consider fixes." In the meantime, a group of software engineers called the Zeroday Emergency Response Team......
[more] PatchLink releases a workaround for VML exploit to protect customers from zero day threats As hackers continue to exploit a security vulnerability in Microsoft Internet Explorer, rated as "extremely critical", PatchLink is releasing a PatchLink authored workaround for customers worldwide to protect their networks from VML zero-day threats. According to PatchLink Vice President of Security Technologies Chris Andrew, the Microsoft IE flaw could be potentially harmful to the IT environme......
[more] UK punters still falling for phishers UK punters are still failing to take basic precautions when banking online despite a wealth of available advice, according to a recent survey by banking association APACS. Although net users are aware of scams such as "phishing" and Trojan attacks, they remain complacent. APACS advises the estimated 15.7m people who regularly use the internet to access their current, savings and credit card accounts to do their homework, unless they want to leave......
[more] PowerPoint exploit adds to Microsoft's busy week Another exploit for a popular Microsoft program has been found in the wild during an already hectic week for the software giant. Experts from McAfee's Avert Labs said on a company blog this week that they found a new exploit for Microsoft PowerPoint in the wild. Microsoft Office 2000, XP and 2003 are affected by the exploit, virus researcher Craig Schmugar said on Avert Labs' blog. News of the new exploit came during a week when Redmond had alread......
[more] Sophos offers free application killer Sophos has become the first security vendor to give a standard anti-virus client the ability to block a range of risky applications, including VoIP, instant messaging, and P2P programs. The new feature comes in the form of a free signature upgrade to the company's Anti-Virus 6.0 software, and can stop a named list of programs from running on any PC on which the software is installed. Notable on this list are Skype and Google Talk, IM clients such as AIM, MS......
[more] Sophos announces new proactive anti-malware technology Security software vendor Sophos has announced the availability of its Host Intrusion Prevention System (HIPS), which proactively identifies and blocks programs that behave suspiciously before they execute. Sophos's Behavioral Genotype protection technology, which has been fully integrated into all of Sophos's anti-virus solutions, can detect unknown spyware and malware without a false positive problem and without the need to install any add......
[more] Virus infections drop, spam on the up The number of viruses hitting Irish inboxes has fallen but spam continues to rise, according to figures from IE Internet. The Irish email monitoring firm found that the rate of virus infection in the mails that it filtered for its customers fell to 11.65 per cent in September. This reverses the brief rise seen in August 2006, when the rate of infection rose to 15.15 per cent. The Mytob virus is still heading the pack, responsible for 40.52 per cent of infecte......
[more] GFI Warns One Anti-virus Engine Is Not Enough To Protect Your Business Although 99% of large British companies use anti-virus products, 43% were still infected by viruses (UK ISBS Survey 2006) GFI, a leading provider of network security, content security and messaging software has today issued a stark warning to businesses across Europe about the dangers of deploying a single anti-virus engine. GFI's new White Paper, "Why one virus engine is not enough", reveals that organisations rely......
[more] Microsoft enters the anti-virus bear-pit Microsoft is setting the cat among the pigeons at this year's Virus Bulletin conference, the big chinwag for the security software industry. Ordinarily, blame for the lamentable state of awareness of internet security has fallen on Redmond, alongside clueless end-users and over-sensationalist journalists. Lately, though, Microsoft has tried to shake off the fall-guy role, and reinvent itself as security industry participant. In May it launched its own se......
[more] Anti-virus technique adds muscle to PC lock-down Sophos has developed an innovative anti-virus-based approach to locking down PCs. To identify malware, anti-virus products use a signature file that acts as a fingerprint of the virus or worm. Sophos has now applied the same principle to legitimate applications, giving IT directors a simple way to lock down desktop PCs. The company's anti-virus and application control product lets system administrators selectively block unauthorised VoIP, peer-......
[more] Sophos launches new suite of IT security solutions for small businesses Sophos announced the availability of its new integrated security solution for small- to medium-sized enterprises (SMEs). The launch of the product coincides with research discovering that most small businesses are failing to adequately protect themselves from malicious attack. Sophos Security Suite provides an all-in-one defence against threats on Windows and Mac computers, laptops and servers. The software has been designed......
[more] Security still a top priority for organizations "The threat picture is much more complicated today compared to a few years ago," says Partik Runald, Senior Security Specialist, F-Secure Corporation Aiming to be 'Mr Reliable' in the security services arena, F-Secure Corporation provides solutions for workstations, gateways, servers and mobile phones that include anti-virus and desktop firewall with intrusion prevention, anti-spam and anti-spyware solutions, as well as network control solutions for......
[more] iPod Windows virus not correctly named says Sophos Security vendor Sophos claims that presently Apple is not displaying the correct name for the recently discovered iPod Windows virus listed on its website, instead referring to it by the name of a file commonly used in malware called RavMonE.exe. The virus, which was shipped on a relatively small number of Video iPods sold in stores from mid-September, does not affect Apple Macs but propagates through storage devices connected to Windows ma......
[more] Spam Trojan Installs Own Anti-Virus Scanner Veteran malware researcher Joe Stewart was fairly sure he'd seen it all until he started poking at the SpamThru Trojan - a piece of malware designed to send spam from an infected computer. The Trojan, which uses peer-to-peer technology to send commands to hijacked computers, has been fitted with its own anti-virus scanner - a level of complexity and sophistication that rivals some commercial software. "This is the first time I've seen this done. [It] gets......
[more] Sophos extends application control to block distributed computing programs Desktop software that hunts for aliens and investigates climate change unpopular among sysadmins, Sophos survey reveals Sophos, a world leader in IT security, has given companies the ability to control employees' use of distributed computing applications on corporate networks, following concerns that these programs can affect network performance. Such programs include SETI@Home and the BBC Climate Change Experiment. A sur......
[more] Virus writers target web videos The growing popularity of online video has caught the attention of malicious hackers and hi-tech criminals. Security firms are reporting more and more instances of booby-trapped Windows codecs - file compressors - required to play some video formats. Some of the codecs let users play types of net-based video, but also have spyware and adware wrapped inside. Others, say experts, are outright fakes that just want to infect victims with data-stealing programs. Audie......
[more] WebSense brands new ThreatSeeker technology WebSense releases a collection of tools to help firms shore up security Web security specialist WebSense has announced a new collection of technologies designed to identify web-based threats before attacks are launched, and new versions of its Web Security Suite. WebSense ThreatSeeker is a combination of over 100 processes and systems developed by the firm's Security Labs over the past five years and built into its products to provide proactive threat p......
[more] Macarena Mac OS X malware - no need to panic Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have advised Mac OS X users not to panic following the discovery of a new proof-of-concept virus. The worm, dubbed OSX/Macarena, has caused headlines in the press because new Macintosh malware is so rarely encountered compared to malicious code designed for Windows PCs. At the time of writing Sophos has received no reports of any customers who have encountered......
[more] One-Millionth McAfee-Protected msystems U3 Smart Drive Ships McAfee, Inc., the leading dedicated security technology company, and msystems(TM), a leader in smart personal storage, today announced that the one-millionth msystems U3(TM) smart drive bundled with U3 Anti-Virus Powered by McAfee has shipped. "This significant milestone shows that consumers want to secure their applications and files wherever they are," said Todd Gebhart, senior vice president worldwide consumer and mobile s......
[more] OneCare labels Gmail as malicious Customers of Windows Live OneCare were advised by Microsoft this week to update their antivirus signature after the service began tagging Google's e-mail service as malicious. The problem began cropping up last week when OneCare-enabled users that visited Google's Gmail website were repeatedly warned that they were infected by a virus called "BAT/BWG.A." Microsoft reported that the problem occurred after Google tweaked its Gmail site last week. "Wi......
[more] Worm uses Real Media files to infect McAfee is warning of a new worm that modifies Real Media files and launches a malicious website without a user prompt. Once the page is open, the worm can spread over network drives and shared files to "download whatever the (malware) author wants to download," Craig Schmugar, threat researcher with McAfee Avert Labs, told SCMagazine.com on Wednesday. The worm initially infects a user's PC when he or she is duped into downloading an executable that s......
[more] Webwasher 6.0 Delivers Industry's Most Advanced, Proactive IT Security Web Gateway Security Solution Integrates TrustedSource Global Reputation System; Introduces Proactive Anti-Malware Protection Secure Computing Corporation, a leading enterprise gateway security company, today announced Webwasher 6.0, a new and enhanced version of its award-winning Web Security Gateway, protecting enterprises from inbound and outbound security threats. Webwasher 6.0 marks the initial integration of CipherTrus......
[more] Malware goes to the movies Online attackers have started to experiment with embedding malicious code or links to such code in different video formats. On Tuesday, anti-virus firm McAfee warned Windows users that the company had discovered a worm, dubbed W32/Realor, actively infecting Real Media files. The infected video files do not contain an exploit for the RealOne or Real players, but a hyperlink that points to a malicious website. When infected files are opened, the victim is referred to the......
[more] Sophos protects Microsoft Windows Vista Integrated protection delivers security and control on Vista platform Sophos, a world leader in IT security, today announced a new version of Sophos Anti-Virus which fully supports the Microsoft Windows Vista operating system. Sophos's proactive protection delivers businesses with a complete defense against viruses, spyware, adware and potentially unwanted applications (PUAs). Sophos Anti-Virus for Windows 2000/XP/2003/Vista, version 6.5 includes: Protection......
[more] New version of Skype now harder to detect Skype-blocking companies have been scrambling to update their products after the recent release of a new version of the software that is even harder to detect and block. The beta of version 3.0 was made available only two weeks ago and, as expected, the client has been re-engineered to make its presence on network traffic tougher to spot, according to leading Skype-blocking outfit iPoque. There have been a number of subtle but important alterations in 3.......
[more] Apple super-patch fixes 31 vulnerabilities, including wireless driver flaw Apple fixed 31 vulnerabilities in the seventh Mac OS X security update of the year, including a fix for a dangerous wireless driver flaw that could lead to arbitrary code execution. That particular memory corruption vulnerability in the AirPort driver used in popular Macintosh laptops such as iBook and PowerBook, was reported by H.D. Moore as part of November's Month of Kernel Bugs project, an initiative kicked off by a s......
[more] Vista more secure than XP? Most of us who have played with the Aero interface and Flip 3D know how lovely Vista looks. However, is it really more secure than Windows XP? After all, both operating systems still need firewalls and anti-virus protection. I have been using Windows XP for years and I have suffered a virus infection on my PC exactly twice. On one occasion, someone in my household launched one of those bogus "screensavers" which had been sent by email. Even then, that person r......
[more] Sophos Anti-Virus wins its 35th Virus Bulletin 100% award Sophos, a world leader in protecting businesses against viruses, spyware and spam, today announced that Sophos Anti-Virus has been awarded the VB 100% award by Virus Bulletin magazine. This is the 35th time that Sophos Anti-Virus has won a prestigious VB 100% award, confirming its position as one of the most powerful virus protection products available. Virus Bulletin tested 15 different anti-virus products for their detection rates, lack......
[more] Malware wars: Are hackers on top? The money made from malware is eclipsing the revenue of anti-virus vendors, a leading net security vendor claims. Raimund Genes, CTO of anti-malware at Trend Micro, cites FBI figures that IT security problems cost the economy $62bn last year against IDC estimates that the anti-malware market was worth $26bn in 2005. The FBI figures include the cost of clean-up operations, not just the profits accrued by the bad guys. Even taking this into account Genes reckons c......
[more] Windows Trojan masquerades as Vista hack A week after Windows Vista's official launch hackers have devised their first attack, targeting pirates trying to install illegal copies of Microsoft's operating system. A supposed Windows Vista crack called Windows Vista All Versions Activation 21.11.06 is reportedly doing the rounds, offering those tempted by the chance of sticking it to Microsoft the ability to install illegal versions of Windows Vista. However, the software is not a Windows Vista crack......
[more] Watch out for festive scams 'TIS the season to receive Christmas cards and a growing number of them, conveniently, will come via the internet. There's only one problem: some of the emails promising an e-greeting from a friend or family member may instead be from a scam artist intent on obtaining your bank or credit card information. Stu Elefant, senior product manager for anti-virus company McAfee, says the danger is at this time of year people are more likely to click on these greetings in their......
[more] Seven steps for a more secure network IT security professionals should rely on personal vigilance and implemented methodologies - not just the slew of new products hitting the marketplace - to protect their networks in 2007. Change every password before the year's end. By taking this first step, you will enhance the security of every online commerce site visited, every computer, and every other password-protected device or website in use. Avoid easily discovered passwords, such as names or numer......
[more] Tailor your mobile security plan for the iPod generation Ever since the emergence of iPod back in 2004, GFI and other experts including Gartner analysts, Ruggero Contu and John Girard have been warning that iPods are a potential danger to the corporate network. Yet, nearly one-third of medium-sized companies remain unconcerned about leaking sensitive data through devices that are highly portable with large storage capacities, according to Osterman Research. On Oct. 18, 2006, it came to light tha......
[more] Wireless not worth hacking? For four years, I've been pretty clear about my personal opinions on wireless hackers. I don't worry about them. So when I say: "It's time to worry about wireless hackers," it's not just another security consultant scare story being recycled - it's because I think things have changed. What has changed? Easy: corporate networks have changed. It's no longer as easy as it was to penetrate a corporate firewall and compromise PCs on the LAN. By comparison, the Wi......
[more] How to crash a Windows mobile using MMS Security researchers have released proof-of-concept code that exploits vulnerabilities in MMS implementations in mobile phones running mobile versions of Windows. The vulnerability was discovered six months ago by security researcher Collin Mulliner, who published the exploit at the Chaos Communication Congress in Berlin last week in a bid to force manufacturers to deal with the issue. The flaw involves buffer overflow vulnerabilities in the SMIL (Synchroni......
[more] Trojans posing as rare Saddam Hussein execution videos Keeping with their practice of tailoring malware-toting email for current events, malicious users are mass mailing what they claim is a rarely-seen video of the execution of Saddam Hussein. Researchers at F-Secure have found three Hussein-related malware embedded in the emails, named video_sadan.exe, saddam.morto.scr and sadan.exe. The three files are actually the viruses W32/Banload.BSW, W32/Banload.BSX and Trojan-Downloader.Win32.Delf.ACC,......
[more] MSN password stealer released as torrent Malware designed to steal users' Windows Live Messenger password has been released onto the net. The password stealer was released for download via BitTorrent earlier this week by a hacker using the handle "Our Godfather". The malware comes in the form of an IMB download confirmed by anti-virus firm Sophos as containing a password-stealing Trojan horse. Victims would need to be tricked into downloading and executing the malware, which might be r......
[more] TomTom sat nav devices infected with virus A number of recently shipped TomTom satellite navigation devices are infected with malware, the Dutch company said today. The virus is installed on the TomTom GO 910 model, but doesn't affect performance, the satellite navigation firm claimed. However, users on Microsoft Windows systems risk running the malicious code and infecting their computer, according to a posting on IT forum, DaniWeb, where the problem was first reported. The units are infected wi......
[more] Sophos Application Control now blocks Windows games Solitaire's author blames his own game for unproductivity Sophos has announced that its Application Control software has been extended to give businesses the ability to control and block Windows computer games, including Solitaire, Minesweeper and FreeCell - some of the most popular games in the world. According to Sophos, the negative impact on company productivity caused by the games has meant that many organizations have shown significant in......
[more] Sophos Anti-Virus for Windows Vista wins VB 100% award Sophos, a world leader in IT security and control, today announced that Sophos Anti-Virus for Windows Vista has been awarded the accolade of VB 100% by Virus Bulletin magazine. This is the 36th time that Sophos Anti-Virus has won a prestigious VB 100% award, confirming its position as one of the most powerful virus protection products available. Virus Bulletin tested 15 different anti-virus products for their detection rates, lack of false a......
[more] Microsoft Acknowledges Vista Anti-Virus Failed VB100 Test A Microsoft spokesperson confirmed to BetaNews this afternoon that it has learned its Windows Live OneCare anti-virus package has failed a test conducted by the respected British laboratory Virus Bulletin using Windows Vista Business Edition, disqualifying it from carrying the "VB100" logo denoting 100% detection of a selected battery of common "in the wild" viruses. However, the information Microsoft gave us indicates the company is not......
[more] Microsoft takes security teams global Microsoft has announced plans to open new security research centres in Europe and Asia, the first time such teams have been located outside the US. The company plans to use the centres to monitor emerging security threats round the clock regardless of time zone limitations, and to bolster parts of its emerging security threat business such as the much criticised Windows Live OneCare. "We will develop sites to cover the Americas, EMEA and Asia, for us t......
[more] Malicious Ikea spam knocks flat German email users Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned German computer users to be on their guard against a malicious email which claims to come from home furniture giant Ikea. The emails, which have been widely spammed out, pose as a communication from Ikea Deutschland, but opening the attached file launches the Troj/Clagger-AZ Trojan horse. "Users may be so surprised to receive an unexpecte......
[more] OneCare fails another detection test Respected testing organisation AV-Comparatives has released the results of its latest in-depth test of anti-virus products, with a large batch of products tried out over a wide range of malware. Only one product, Microsoft's Windows Live OneCare, failed to detect enough of the test set to qualify for any level of certification. As part of a thorough regime of testing, AV-Comparatives runs tests of on-demand detection ability twice a year, pitting products in......
[more] Windows OneCare deletes emails Microsoft has acknowledged that a bug in its Windows Live OneCare security suite has been causing users' email to vanish from Outlook and Outlook Express. A fix will be pushed to users next week, for the bug which was first reported by users writing on a OneCare support message thread six weeks ago, said Microsoft. The bug seemed to be deleting Outlook and Outlook Express data - .pst and .dbx files, respectively - after a malware scan. "The program did a sche......
[more] Staying safe without anti-virus? For a long time anti-virus software has been in the front line when it comes to stopping malicious programs infecting PCs. But as the creators of viruses and other malicious programs adapt their methods to exploit the weaknesses of anti-virus software, some are looking to other methods to help them stay safe. One such is Brent Rickels, the one-man IT department for the First National Bank of Bosque County in Texas, who has thrown out his anti-virus software and......
[more] Network access control NAC explained Cybercrime continues to rise, with the primary aim to steal company information or anything that will make a profit for the perpetrators. To avoid the unwelcome headlines provoked by IT security failures, securing the corporate network is more important today than ever before. It's also tougher to achieve, as today's business world means giving partners instant access to the information they need while meeting external regulatory compliance standards. With m......
[more] Document shell code attacks loom large Targeted attacks that utilize vulnerabilities in popular document file formats and execute via hard-to-find shell code are becoming an increasingly popular menace, according to researchers at IBM's Internet Security Systems division. Experts working with the ISS X-Force group said that they've seen a rapid increase in the volume and variety of shell-code execution attacks leveled at their customers over the last 12 months. Among the types of files most fre......
[more] Making sense of Websense's SurfControl buyout The move makes the combined companies more attractive as a potential acquisition by one of the big three IT security firms Websense's $400 million buyout offer for rival network filtering specialist SurfControl should help position the two companies for short-term growth and possible acquisition in the future, according to market watchers. Company officials and industry analysts agree that the marriage of the two network security filtering specialists......
[more] Malware 'hijacks Windows Updates' Virus writers may be able to smuggle malicious files onto a computer using Microsoft's security patch updates, experts say. At least one program is in circulation that can hijack a key component of Windows Update to introduce malicious software that could be used to hijack a computer. The method bypasses users' firewall, allowing files to download undetected. Microsoft said it was aware of reports of the attack. Security expert Frank Boldewin said on his website......
[more] Akonix Addresses Instant Messaging Security Akonix Systems, Inc., provider of the most deployed instant messaging (IM) security and compliance products in the world, today introduced the Akonix A1000 IM Essentials Appliance, a simple-to-install and administer, all-in-one IM management solution designed specifically to address the risk management, archiving and compliance needs for IM use in small and medium-sized business (SMBs). The A1000 IM Essentials Appliance, priced at $6,995, includes 100......
[more] Laptop users taking more security risks than desktop users Employees that use laptops are taking more security risks than those that use desktops, but both types are taking unnecessary risks, according to the "Trust & Risk in the Workplace Study" from SurfControl. The study, conducted by Dr. Monica Whitty of Queen's University Belfast, was based on a survey of 1,000 mobile and desktop employees in the U.S., Australia, the Netherlands, Singapore and the U.K. The study found that em......
[more] The Top Five Digital Threats To Your Business While the Internet, mobile computing and online advertising can help small fries compete with larger rivals, these digital tools also invite plenty of risk. Our advice: Don't be a Luddite, but don't lie awake at night, either. Do something about it. Fraud, for example, is a risk any business must deal with. Last year, North American merchants lost $3 billion because of online payment fraud (purchases made with stolen or unauthorized account informat......
[more] 'Direct' impact of malware down again, but overall costs rise Although the "direct" costs of worldwide malware attacks have declined for three years in a row, "indirect" costs have continued to rise, a new report from market research firm Computer Economics indicates. Last year's direct damage attributed to malware totaled $13.3 billion globally, down from $14.2 billion in 2005 and $17.5 in 2004, according to the report, "The Economic Impact of Viruses, Spyware, Adware, Botnets, and Ot......
[more] Hackers target 'legitimate' sites More than 10,000 websites have become unwitting hosts of malicious software, say security experts. Those visiting the hijacked pages risk having keylogging software installed on their PC if it is not protected with the latest patches. The webpages compromised are all legitimate sites devoted to subjects such as tax, jobs, tourism and cars. The sites are thought to have been booby-trapped using a malware kit, called MPack, sold commercially online. Hacked host T......
[more] XP better patched than Vista Microsoft data shows that the company has left more security holes open in Windows Vista than it did in XP. A Microsoft security executive released data showing that, six months after shipping Windows Vista, his company has left more publicly disclosed Vista bugs unpatched than it did with Windows XP. In total, Microsoft has patched 12 out of 27 disclosed Vista vulnerabilities in the six months after it first shipped last November. During XP's first six months, Micr......
[more] Sophos awarded ITPro Editor's Choice, outperforming McAfee and Symantec Sophos Anti-Virus Small Business Edition 2.0 declared "outright winner" Sophos Anti-Virus SBE 2.0, Sophos's integrated protection solution for small businesses, has won the prestigious "Editor's Choice" award in a comparative test conducted by ITPro. ITPro tested McAfee Active VirusScan SMB Edition, Symantec AntiVirus 10.2, F-Secure Anti-Virus Small Business Suite and Sophos Anti-Virus Small Business Edition......
[more] Hackers launch PDF spam campaign Hackers have launched a widespread "pump-and-dump" stock spam campaign using PDF files, anti-virus researchers have warned. In a change of tactics, the attackers have hidden the spam content within a PDF file instead of attaching an image file to plug the stock, according to a security advisory on the McAfee website. The spammers are sending the PDF files with randomly generated subject lines, sender names and a blank message body. The stock spam is believed to ha......
[more] Rival malware gangs wage turf war Security researchers have uncovered evidence of a turf war between rival criminal enterprises connected to two of the most sophisticated malware toolkits in current use. Like competing gangs in the Mafia - for those who followed the HBO series The Sopranos, think the New York-based Lupertazzi crime family and its sometimes enemy the DiMeo crime family, which Tony Soprano ran from New Jersey - the malware groups are fighting for turf and control. But rather than c......
[more] Hackers lure victims to fake iPhone website New attack combines virus, phishing and adware in order to relieve would-be iPhone buyers of financial information. Hackers are targeting prospective iPhone users with a fake website that steals personal information from unsuspecting victims, according to experts. Researchers at anti-virus company Panda Software discovered that cybercriminals have developed a trojan, called Aifone.A, that takes control of a user's computer and then directs the victim to......
[more] DIY Trojan tool discovered for sale A new kit for building and customising Trojan malware has been discovered for sale on the Internet. With the appropriate name 'Pinch,' the tool lets criminals with little technical knowledge specify a number of parameters such as which type of password to steal from infected machines. Alternatively, the tabbed-based interface can be made to turn the program into a straightforward key-logger set to capture all keystrokes, take screenshots, or steal speci......
[more] Sobering Realities of Enforcing NAC: Top 5 Challenges that Solutions Need to Address Network Access Control (NAC, a.k.a. Network Admission Control), has generated a lot of enthusiasm, and correspondingly, a large number of corporate initiatives to address a rapidly evolving network security challenge. NAC was developed to ensure the security of endpoints connecting to the corporate network, which has become an increasingly important issue given the large number of external users, mobile systems......
[more] McAfee offers free solution to rootkit attacks McAfee is to release Rootkit Detective, software for blocking and removing rootkit attacks. The software also funnels intelligence into the company's ongoing research operations. Following in the footsteps of SiteAdvisor - the free web site security program acquired by McAfee in April 2006 - the new tool will be free for download, with benefits for both end users and its researchers. Rootkits are self-cloaking malware attacks that install themselve......
[more] Sophos Anti-Virus for Windows Vista wins VB100 award Sophos, a world leader in IT security and control, today announced that Sophos Anti-Virus 7.0.0 has been awarded the accolade of VB100 by Virus Bulletin magazine. This is the 39th time that Sophos Anti-Virus has won a prestigious VB100 award, confirming its ability to detect 100% of the viruses in the wild, and its position as one of the most powerful virus protection products available. Virus Bulletin tested 20 different anti-virus products f......
[more] Sophos PureMessage receives West Coast Labs Checkmark Sophos, a world leader in IT security and control, today announced that its email security solution, PureMessage for Unix, has been awarded West Coast Labs Checkmark for 100% detection of in-the-wild viruses. The accolade confirms the software's ability to detect 100% of the viruses found in the wild, and its position as one of the most powerful security solutions for Unix mail servers. "Sophos PureMessage for Unix offers a considerable......
[more] AOL drops Kaspersky for McAfee Giant ISP and web services provider AOL is offering a free, special edition version of McAfee security software to users registered with its network. The offer replaces a previous offering based on Kaspersky technology, which was quietly taken offline several weeks ago. The customized product, based on McAfee's Internet Security Suite, combines anti-virus and anti-spyware with a firewall and identity theft protection. The AOL Active Virus Shield software, a pared-......
[more] Mobile malware to pose significant threat Increased adoption of mobile devices will lead to increased mobile malware sophistication Although concerns regarding handheld data security still trump fears of mobile viruses, security software vendors and researchers contend that greater numbers of attacks are on the horizon. Thus far, most malware programs targeting wireless devices have been proof-of-concept threats or have required large amounts of end-user interaction to deliver their payloads, bu......
[more] Road warriors are security risk Most IT managers believe mobile workers increase the risk of malware and other threats, according to a new survey. The survey of 450 IT managers found they are still at risk despite having anti-virus products installed on endpoints and using systems management tools to patch computers. The survey, commissioned by management software maker BigFix and conducted by GatePoint Research, also found that in some cases IT managers think their systems management tools hav......
[more] Germany floats Trojan for terror suspects German politicians have defended plans to email Trojan horse software to terror suspects in the hopes of monitoring their conversations. The measures have sparked a fierce civil liberties debate. The dubious efficacy of the wheeze is yet to come under serious consideration. Interior Minister Wolfgang Schaeuble is seeking police powers to harness malware in upcoming federal security laws. AP reports that snoopware would be developed by the German governme......
[more] Sony to exorcise 'rootkit' from USB drives Sony is prepping an update to remove rootkit-like technology that shipped with a range of USB storage devices featuring fingerprint authentication. The Sony MicroVault USM-F fingerprint reader software that comes bundled with the USB stick installs a hidden directory under Windows. Files in the directory might be hidden from some antivirus scanners, potentially creating a hiding place for malware that virus authors could seek to exploit. The tactic, a mi......
[more] SurfControl adds reputation to email filter SurfControl has upgraded its email security software with reputation services and regulatory compliance features. SurfControl E-mail Filter 6.0, available now, includes the company's own reputation service - previously only available as part of its hosted email security service - that automatically drops connection requests from IP addresses with a history of sending spam, according to Dave Tripier, senior vice president of product management for S......
[more] Skype worm leaves Sophos users unfazed Sophos, a world leader in IT security and control, says that a recent worm outbreak on the Skype network highlights the importance of proactive virus protection. The worm, which has been seen spreading via Skype's instant messaging system, has not managed to infect Sophos users who were proactively protected against the threat without requiring an update. The W32/Pykse-C worm (also known as Ramex, Skipi or Pykspa) spreads via Skype's chat system in a varie......
[more] Google adds Postini to business apps Google is to add the email services it acquired when it bought Postini last month, to its business-grade online services at no extra charge. The company will add email security, compliance and recovery to Google Apps Premier edition, potentially making it more attractive to larger organisations. The services include email controls for Apps Premier administrators like configurable spam and virus filtering, setting and management of usage policies, and recover......
[more] Bigger Websense Vows Complete Protection Tech security providers have recently sought more safety in numbers, gobbling up other firms for hundreds of millions of dollars. Employee Internet use monitor Websense WBSN is the latest to try it, on the heels of Cisco Systems $830 million pick-up of IronPort Systems in June and Symantec's April buy of Altiris for $815 million. Websense's more than $400 million deal for its main rival, U.K.-based SurfControl, closed on Wednesday. With a market cap of......
[more] Austrian police to use crime-busting Trojans The Austrian Police has become the latest European agency to express its intention to use specially crafted Trojans to remotely monitor criminal suspects. According to reports in Austrian media, the minister of justice Maria Berger and interior minister Gunther Plater have drafted a proposal that will be amended by legal experts and the cabinet with the intention of allowing police to carry out such surveillance legally with a judge's warrant. There......
[more] RSA 2007: Spyware cashes in quietly Spyware is the most rapidly evolving threat on the threat landscape at the moment, and it will continue this way into 2008, said Gerhard Eschelbeck, chief technology officer of Webroot Software, at RSA Europe in London on 23 October. Spyware is software that covertly gathers information through a user's internet connection without their knowledge for malicious purposes. "It is financially motivated and it takes advantage of human nature," said Esche......
[more] McAfee goes shopping for ScanAlert McAfee has agreed to acquire e-commerce firm ScanAlert in a transaction that is valued at up to $75m. ScanAlert runs the Hacker Safe security service. The service provides a certification program for online retailers that meet certain security standards. Qualifying sites are awarded a "Hacker Safe" logo. The company claims that having a Hacker Safe certification increases consumer confidence that results in a 14 per cent sales jump. Under the terms of t......
[more] Hackers field malware from fake US election sites Hackers have taken advantage of mounting interest in next year's US presidential elections to create fake websites that serve up exploits. Anti-spyware firm Webroot said that it has tracked hundreds of fake sites that lure visitors into downloading malicious files. Surfers may encounter these fraudulent websites after unknowingly selecting a dodgy URL from a list returned from a search or (more likely) after mistyping the name of a legitimate sit......
[more] Social networkers warned of risk A quarter of the 11 million Britons who use social networking sites such as MySpace and Facebook may be leaving themselves open to identity fraud. Get Safe Online, a government-backed campaign group, is warning against posting personal details online. Its research also showed eight million people leave home wireless networks unprotected against intruders. And more than half of the over-65s polled use a single password for every website they visit, the group said......
[more] F-Secure safeguards US General Motors Dealer Equipment customers from Internet security threats GM dealerships rely on the Internet for day-to-day business operations. In order to ensure that business can continue without interruption, the dealerships must protect their desktop computers and networks from the devastating effects of malicious viruses, spam and other malware threats. However, individual dealerships do not always have the IT resources needed to maintain a high level of security. F-......
[more] Times of India website cleaned of malware The website of a heavily trafficked Indian newspaper is clean of malware, just days after hackers launched a nearly impossible-to-detect cross-site scripting attack that infected users' machines with a variety of malware. The Times of India's website was hammered with a Web 2.0-style attack in which the malware writers compromised several pages with malicious scripts. The scripts pointed to a remote site containing IFRAMEs, which pointed to two other mal......
[more] New emails address you by name, then try to hose your PC Beware of emails that mention you and your company by name and claim to be official communications from the US Department of Justice. They're phony and will attempt to install malware on your machine. The emails, which claim to reference a complaint recently filed by a business associate, invite the recipient to click on an attachment that contains a nasty Trojan, two separate security firms, MessageLabs and Websense, are reporting. The pra......
[more] Despite filters, tidal wave of spam bears down on e-mailers Why, in 2007, is spam worse than ever? Let exasperated consumers count the ways: PDF spam. MP3 spam. Pump-and-dump spam. E-card spam. "Two years from now, spam will be solved." - Microsoft's Bill Gates, 2004, World Economic Forum in Switzerland. It may sound like a broken record, but spam continues to do just that - break records. This year marks the first time the total number of spam e-mail messages sent worldwide, 10.8 tril......
[more] Malware found on LaoAirlines.com, travellers beware of other sites Sophos has warned Australian travellers looking to book flights to South East Asia to make certain their anti-virus software is up to date before going online after yesterday intercepting malware on Lao Airlines.com. According to Sophos, the malware is embedded at the bottom of the Laoairlines.com web page in invisible JavaScript code. Users who simply embark on the site will automatically be redirected to another site in China w......
[more] Lotus Notes threatened by email hack IBM's Lotus Notes messaging software can be compromised by a single maliciously crafted email, according to researchers at Core Security Technologies. There is a vulnerability in Autonomy KeyView, software used by Lotus Notes to process Lotus 1-2-3 files, they said. Core's researchers found that when they opened a specially crafted Lotus 1-2-3 email attachment in Lotus Notes, they could run unauthorised software on the PC. Although details of the flaw hav......
[more] Chinese Trojans steal data from organizations Finjan Inc. has recently conducted a study prompted by the increased volume of attacks coming from China. The study maps how users' PCs are being infected by Trojans distributed from China that then steal data from organizations and details some of the sites that are involved in the process. Finjan's Malicious Code Research Center (MCRC) have detected malicious activity by groups that distribute their content using obfuscated code and a network of we......
[more] Sites shut down after hack on Fasthosts The UK’s largest web hosting firm, Fasthosts, has temporarily shut down some of its customers' websites – hundreds of sites are reportedly affected – following a hacking attack on its database. The database contains the financial details, email addresses and passwords of over a million businesses for which Fasthosts hosts websites. Whether or how the thieves have used the stolen data is not yet known. On 29 November Fasthosts had to forcibly shut down a n......
[more] New wave hackers target open DNS servers Researchers at Google and the Georgia Institute of Technology are studying a virtually undetectable form of attack that quietly controls where victims go on the Internet. The study, set to be published in February, takes a close look at "open recursive" DNS servers, which are used to tell computers how to find each other on the Internet by translating domain names like google.com into numerical Internet Protocol addresses. Criminals are using t......
[more] Intel adds encryption to vPro Embedded security features, code-named Danbury, make application encryption easier, add new layer of hard drive protection The addition of the Danbury tools represents only the latest in a string of security and management technologies embedded directly into the vPro lineup by Intel, including the company's Active Management Technology (AMT), which is aimed at making it easier for administrators to do remote updates on corporate machines, such as for installing ant......
[more] Firefox 3 Beta 2 Arrives Early In the modern world of software development it's a rare day when a release actually comes out ahead of schedule. But that's the case with Mozilla's Firefox 3 Beta 2 release, which came out this morning some three days ahead of schedule. In the latest version, Mozilla developers have improved security and performance as well as functionality. In total, Mozilla boasts in its release notes that some 900 improvements were made in Beta 2 over the Beta 1 release, which......
[more] Malware honeypots wait for '08 The Web Application Security Consortium's Distributed Open Proxy Honeypot Project to track malware distributors will be relaunched in January An innovative malware honeypot project backed by a leading consortium of IT security experts is preparing to re-launch its global sensor network after Jan. 1 in an effort to dupe more cyber-criminals into handing over information about their latest attack methods. The Web Application Security Consortium's Distributed Open Pr......
[more] Media player offered with worm A batch of digital media players sold by a Dutch importer over the holidays appear to have been infected with a nasty stocking stuffer: a worm. One user reportedly discovered the worm, Worm.Win32.Fujack.aa, after opening the Victory LT-200, a 512 MB USB media player sold by Victory Nederland, wrote Roel Schouwenberg, a senior research engineer, for Kaspersky on a company blog. At least one other variant of the Fujack worm has been observed to spread other programs......
[more] BETT: Brunel tackles harassment with anti-spam Violent, threatening emails are now quarantined and trackable at Brunel University, letting the IT team prevent online harassment and track those guilty to help protect their students. In a six-figure investment, the West London university signed up for Secure Computing's IronMail system just over three years ago in order to help them manage the deluge of incoming email, but it was quickly put to a more specific use when one of their 13,000 studen......
[more] 40% of US SMBs do not believe their networks are secure Despite having anti-virus and anti-spam software as well as a firewall installed, four in 10 small and medium sized companies in the United States still do not believe their networks are completely secure, a new survey shows. In a poll of 455 IT executives in US SMBs, 42% said their networks were not secure even though 96% and 93% of respondents respectively said they had anti-virus and a firewall installed. 80% said they also used spam fi......
[more] Unpatched PCs open to latest web hack A sophisticated hacking scheme seen early last year is affecting an increasing number of web servers, including one owned by a major online advertising company, Finjan Software has said. It appears that a single gang is behind the attacks, since the malicious software it spreads is storing login and password details on one server in Spain, said Yuval Ben-Itzhak. Finjan is trying to get the ISP to shut it down, he said. A web server of an online adverti......
[more] Cyber-espionage moves into B2B The practice of cyber-espionage is rapidly moving beyond the government sector and finding its way into the world of international business, according to experts with SANS Institute, one of the world's top IT security training organizations. While the United States and Chinese governments, most notably, have accused each other in recent years of carrying out surreptitious hacking campaigns aimed at stealing strategic information from their respective IT system......
[more] GSS advises firms to look at whitelisting security technology Global Secure Systems (GSS), the specialist IT security reseller and systems integrator, is advising companies to look at installing whitelisting security software on their servers in a bid to stem the rising tide of malware attacks and database information losses. "Whitelisting software was a security safeguard used mainly back in the 1980s when IT security software was in its infancy, but the concept fell from favour because of......
[more] Getting a grip on security - Indian style A survey of security in Indian organisations presents a fascinating insight into the risks perceived by IT professionals there. The Websense SOS “State of Security” survey questioned IT managers in 450 organisations in Delhi, Bangalore, Chennai, Mumbai and Hyderabad, including both large businesses and small and medium enterprises. Key findings include: Time spent on non work-related Web sites IT managers estimate that employees spend 5 hours per week on......
[more] Scareware package planted in ITV.com ads Users visiting the website of UK broadcaster ITV risk exposure to a scareware package. Malware-laced banner ads that lead to download sites for the Cleanator scare package have also been served up on the Radio Times website. Radio Times confirmed that it removed the offending ad late Wednesday morning, following initial reports of the problem on Tuesday. The cleanliness or otherwise of the ITV website is unclear at the time of writing. Cleanator is a rogu......
[more] Five basic mistakes of security policy As I mentioned in my last article, security policies serve to protect (data, customers, employees, technological systems), define (the company's stance on security), and minimize risk (internal and external exposure and publicity fallout in the event of a breach). Security policy creation and dissemination are not just a good idea; both are mandated by a slew of corporate regulations, including PCI, HIPAA, and FISMA. This story presents five mistakes tha......
[more] Criminals automate security testing Cyber-criminals are starting to resemble the legitimate software industry to such an extent that they even pre-test malware applications for effectiveness before rolling them out. That is according to PandaLabs, which has found forums on which criminals hook up with one another to push ahead with development of applications which can be used to test their creations against known security products. In a blog, the company analyses several of the malware-testing......
[more] Anti-virus scam aimed at unwary users PC users have been told that a Trojan called MonaRonaDona is being used to sell fake anti-virus software, warned security company Kaspersky. Unlike most viruses and Trojans which try to go about their evil task as invisibly as possible, the MonaRonaDona Trojan displays a broadly visible message in front of the victim, said Kaspersky Lab researcher Roel Schouwenberg. Claiming to be part of a human rights protest, the message says: "Welcome to MonaRonaDona. I......
[more] Security vendors prep anti-virus software for Mac OS X Russian security vendor Kaspersky Lab has a prototype version of its virus protection software waiting in the wings in case Apple Mac OS X suddenly becomes a target of choice for hackers. Kaspersky, based in Moscow, has no plans soon to make it into a product, but one could "be ready in just days," said Timur Tsoriev, spokesman, at the Cebit technology trade show in Germany on Tuesday. Kaspersky's anti-virus technology is flexible......
[more] Security firms split over Phorm classification Security firms are split about whether they will classify Phorm's targeting cookies as adware. Kaspersky Lab, whose anti-virus engine is licensed to many other security vendors, said it would detect the cookie as adware. However, AVG, developer of the most widely used free of charge anti-virus scanner, said it would not detect Phorm's cookie even though the Czech firm's CTO Karel Obluk describes the technology as "borderline". AVG has decid......
[more] The top 10 security land mines Many companies spend a small fortune and deploy a small army to secure themselves from the many security threats lurking these days. But all those efforts can come to naught when making any of these common mistakes. The results can range from embarrassing to devastating, but security experts say that all are easily avoidable. And almost all can be done without spending one more dime. Here are the 10 most common security land mines that experts say you need to avoi......
[more] Attacks pushing Web controls Significant debate has recently been given over to the topic of whether or not younger workers will eschew jobs at companies that attempt to limit their access to popular Web sites and online applications, but some companies are already responding to rising security threats by blocking their employees from using work machines to move about the Internet freely. Large financial services companies have been known to enforce strict controls over the range of sites that......
[more] What firewalls do and don’t do Over the last few years, security threats to companies have grown and altered dramatically and so have the defences. Traditional firewalls, installed over three years ago, are often not best suited for current threats and don't protect against a number of newer threats. What firewalls do: A firewall is a system designed to prevent unauthorised access to or from a private computer network. Firewalls are frequently used to prevent unauthorised Internet users from acce......
[more] Adware slips between pages of e-book An adware package has turned up on the latest e-book devices from iRex, and will install itself automatically onto a connected PC if it gets the chance. The infection appears to be the imgInSOY worm, which copies itself between removable media and uses autorun.inf to infect any Windows system it comes across. In addition to copying itself onto any more removable devices the worm operates as adware. The Iliad is a Linux-based e-ink device which synchronises w......
[more] Move over Storm - there's a bigger, stealthier botnet in town Researchers have unearthed what they say is the biggest botnet ever. It comprises over 400,000 infected machines, more than twice the size of Storm, which was previously believed to be the largest zombie network. Machines from at least 50 Fortune 500 companies have been observed to be running the malicious software that's at the heart of "Kraken," the botnet that security firm Damballa has been tracking for the last few week......
[more] UK phishing attacks double Phishing attacks on UK consumers have more than doubled for the first quarter of this year, according to Apacs, the UK payment association. Apacs recorded more than 10,000 reported phishing incidents in the first quarter of 2008, more than 200 percent up from the same period last year. Online banking losses due to fraud have decreased by one-third from £33.5m in 2006 to £22.6m in 2007, Apacs said, but efforts to defraud users have climbed steadily. The num......
[more] Microsoft botnet-hunting tool helps bust hackers Botnet fighters have another tool in their arsenal, thanks to Microsoft. The software vendor is giving law enforcers access to a special tool that keeps tabs on botnets, using data compiled from the 450 million computer users who have installed the Malicious Software Removal tool that ships with Windows. Although Microsoft is reluctant to give out details on its botnet buster - the company said that even revealing its name could give cyber crimin......
[more] Vista as insecure as Windows 2000 Good news for users of Windows Vista. According to figures compiled by PC Tools, the OS has experienced only slightly more vulnerabilities than Windows 2000, which appeared eight years ago when malware was far less common. Or is that the bad news? Despite having a reputation as the least vulnerable of Microsoft's operating systems, Vista still managed to record 639 unique vulnerabilities over roughly the last half year, which puts it in a worse position than th......
[more] New attacks break 500,000 websites More than half a million websites have been compromised in a new round of attacks that hacked domains in order to infect unsuspecting users' PCs with a variety of malware, a security researcher said today. "This is an on-going campaign, with new domains [hosting the malware] popping up even this morning," said Paul Ferguson, a network architect with anti-virus vendor Trend Micro. "The domains are changing constantly." According to Ferguso......
[more] AVG scanner blasts internet with fake traffic Early last month, webmasters here at The Reg noticed an unexpected spike in our site traffic. Suddenly, we had far more readers than ever before, and they were reading at a record clip. Visits actually doubled on certain landing pages, and more than a few ho-hum stories attracted an audience worthy of a Pulitzer Prize winner. Or so it seemed. As it turns out, much of this traffic was driven by the new malware scanner from AVG Technologies. Six months......
[more] Instant trojan to worm toolkit sighted Miscreants have created a point-and-click toolkit designed to make it easier to both create and distribute Trojans. The Trojan2Worm (T2W) toolkit turns any executable file into a worm with auto-spreading capabilities. As such it provides the ability for Trojan infection agents to acquire worm-like spreading abilities. The tool requires minimal skills to use, net security firm Panda Security reports. Features include the ability to compress infectious files......
[more] New Storm Worm Capitalizes on Earthquake in China, Upcoming Olympics Websense announced that the Websense Security Labs ThreatSeeker technology has discovered a new Storm Worm social-engineering tactic, capitalizing on the recent global attention around the recent natural disaster in China and the upcoming Olympics, also to be held in China. These malicious sites speculate that the upcoming Olympics in Beijing would be "under the threat of failure" because of the recent earthquake in......
[more] Total cost of ownership, ease of management and low initial price are the most important issues for customers choosing UTM appliances Total cost of ownership, ease of management and low initial price are the three most important issues for customers choosing UTM appliances, according to new research by Check Point Software Technologies Ltd. The results of Check Point's recent survey also showed the most desirable and popular functions of UTMs for users, and the relevance of other factors such a......
[more] 'Security threats have moved to the Web' The world is not new to threats arising out on the Internet but its magnitude has left everyone stumped and this with security architects working round the clock to ensure that you are safe in the virtual world. But each year, newer weapons are being unleashed only to leave you surprised and annoyed. Jim Haskin, CIO, Websense Inc speaks to Prasad Ramasubramanian of CyberMedia News on the latest trends that his company is seeing and how one can be left wel......
[more] Cyber-criminals may be targeting iPhone launch A proliferation of malicious software for mobile phones has been predicted for the launch of the latest Apple iPhone, according to F-Secure's security labs. Chia Wing-fai, a security response team manager for the Finnish anti-virus firm, said the expected rise in the number of people using newer mobile phones brought the threat of increased cyber-crimes. The iPhone will go on sale on July 11, and Chia said he believed malicious software was being......
[more] Secure Computing's Secure Web protects Joy Global from emerging Web 2.0 threats Secure Computing Corporation has announced that Joy Global Inc. has implemented Secure Computing’s Secure Web (formerly known as Webwasher®) security appliance. By deploying Secure Web, Joy Global has greatly improved its network security, including protecting company resources from emerging Web 2.0 threats. In addition, Secure Web has provided the mining equipment supplier with flexible Web filtering and has reduced......
[more] New Trojan in the wild targeting multimedia files Secure Computing is warning of a new Trojan in the wild that is infecting multi-media files on a victim’s hard disk. The initial infection happens from a pirate software site better known as a Warez site, where users go looking for an illegal crack or serial key to run copy-protected software. According to Secure Computing’s security advisory, when trying to play back the infected files, the user is fooled into believing a codec is needed......
[more] Malware to hit 1 million mark in days Security vendor, F-Secure is days away from capturing its unprecedented one millionth piece of malware. "Gone are the days where you had to worry about someone trying to rob your car or mug you in the streets. Thanks to the internet, we now have to worry about criminals that are far away." This was the grave warning Chia Wing Fei, security response team manager at F-Secure’s Malaysian headquarters, gave to a room full of visiting journalists last week......
[more] Secure Computing's Secure Web wins top honours in comparative anti-malware study Secure Computing Corporation, a leading enterprise gateway security company, today announced that in an independent test, Secure Computing's Secure Web (formerly Webwasher) Anti-Malware engine again ranked first place, achieving a near-perfect overall score and surpassing all other leading vendors. Secure Computing's Secure Web detected 97% of the samples with the best response time, scoring higher than all 27 other......
[more] Security Sleuths Sound Alarm on Asprox Flare-Up Web security firm Finjan issued a warning Thursday about a new wave of mass Web attacks that it said has affected more than 1,000 Web site domains, including government, retail, healthcare and advertising sites. Security vendors have been aware of the attack toolkit, dubbed "Asprox," for several years. However, they have noticed an uptick in the popularity of the malware since 2007. In May, cyber-criminals began a new round of mass Web at......
[more] Banking Trojan hides in fake Alonso F1 crash story Fabricated news of a supposed car accident involving Formula One star Fernando Alonso is being used to distribute a new banking Trojan. The fake news story, supposedly from Spanish daily El Pais, has two-time motor racing champion seriously injured on Tuesday in an accident in the northern city of Bilbao. The bogus story, distributed via spam emails, links to a video clip depicting what appears to be a spectacular blaze. The clip installs malware......
[more] How safe is your device? Be it logging onto your laptop, accessing your document on a scanner or getting a document on a printer, the trustworthiness of your device is of utmost importance. Security concerns led to protocols being set in order to stitch together the concept of Network Access Control (NAC). The main agenda has been to put forth policies that would help you access your network in a much-secured environment. In an exclusive interview with Prasad Ramasubramanian of CyberMedia News,......
[more] Houston, we have a virus Worm infects International Space Station laptops A computer worm that ferrets out passwords managed to stow away on laptops aboard the International Space Station, NASA has confirmed. It is not the first time a NASA computer has become infected. SpaceReg.com identified the infection as W32.TGammima.AG, a worm that spreads by copying itself to removable media devices. Once in place, it steals passwords to various online games, according to anti-virus software provider Syma......
[more] Best Western plays down impact of hack attack 8 million records? Huh, more like 10 A report in Scotland's Glasgow Sunday Herald claims that the hotel chain has been turned over by a hacker who lifted eight million customer records. It reports that the Indian hacker who carried out the heist sold on the information to Russian cybercriminals. Data allegedly stolen included addresses, telephone numbers and credit card details. The attack was pulled off using a Trojan horse to infect a PC with ac......
[more] Antivirus sales to slow: Gartner Growth in anti-virus products will slow in the next five years as enterprises broaden their use of security technologies. Gartner's latest security software market forecast has found that sales of antivirus technologies will slow in the next five years compared to products such as URL filtering, security information, event management, software and email security products. Overall, revenue is projected to total $240 million in 2012, a compound annual growth rate o......
[more] McAfee sued by unhappy 'adware' company A little-known company called 7Search.com has become the latest outfit to legally contest its classification as spyware by a major anti-malware company. In a court filing from 25 August, Chicago-based 7Search.com complains that "McAfee continues to incorrectly and falsely advise the public that 7Search.com contains downloads that are adware, spyware, or other potentially unwanted programs, when it is aware that there is no software on that site at......
[more] Kaspersky granted nifty scan-speed patent Kaspersky Lab has been granted a wide-ranging patent that might be of interest to anyone who has ever complained about the time it takes for anti-virus programs to scan PC files. US patent number 7392544 gives the Russian company the intellectual rights to a technique for varying scanning speeds dynamically according to a number of parameters such as file size, format, structure, whether it has been signed, and where the file might have come from. The......
[more] XP Security “Scareware” Scams Skyrocketing More users than ever before seem to be falling for scams being levied by fraudsters looking to make a quick – and lucrative – buck from bogus security applications. It’s sad to see people get scammed from their money when they’re seeking some level of protection from Internet threats – but instead they end up paying to install software that does nothing, at best, or is in fact itself malware. At least one security firm says criminals are raking hundreds......
[more] Researchers uncover new tool for building fake YouTube pages Researchers on Thursday discovered a new application that cybercrooks can leverage to create real-looking YouTube pages to serve as the launching pad for malware attacks. “It has the classic-looking square box that you're about to view a YouTube video but you get a pop-up that you're missing a component to view the video,” Ryan Sherstobitoff, chief corporate evangelist at Panda Security, told SCMagazineUS.com. But when user......
[more] Protecting your business from insider threats Business managers are aware of the dangers inherent within an organisation from disgruntled, or more likely just disorganised or unthinking employees. These insider threats can either open up the network to abuse from outside or can inadvertently cause mischief. There are some simple tips which if implemented will enable businesses to efficiently manage their enterprise security: 1. Write and publish an IT use policy, then ensure your employees sign......
[more] It's time to think differently about protecting data The recent rash of high profile security breaches, data loss incidents and associated fraud highlights the fact that the security industry is failing to meet the threats organizations face when it comes to protecting the lifeblood of their business – their data and their customer's data. As the threats of data loss continue to increase, it's time for IT, CIOs, CEOs, boards and security practitioners around the world to fundamentally reexamine......
[more] Secure Computing Highlights Three Major Spam Campaigns Secure Computing Corporation has released its monthly report on spam for September 2008 that highlights the spam trends along with three dominant spam surges during August 2008. According to the company, of the three spam outbreaks, CNN/MSNBC News spam was most dominant. Recently, the new spam tactic employed to dupe users into downloading a fake flash player has attracted a great deal of attention. This attack included sending of e-mail messa......
[more] Trend Micro: Don't buy anti-virus software A Trend Micro security product manager has recommended people not to buy anti-virus products, including his own. But there is a method to his madness, he assures. David Peterson, consumer segment director for Trend Micro's ANZ business, said only a handful of the top 10 security threats these days are viruses, with downloaders, Trojans, keyloggers, and phishing scams filling up the list. As such, he believes stand-alone AV software is best suited for......
[more] Compromised Halloween websites passing along rogue software An internet search using the keywords “halloween costumes” may turn up a number of legitimate sites that have been compromised, and users might end up with rogue anti-virus software on their machine. The Halloween attack uses search engine optimization manipulation to distribute the campaigns, according to a Wednesday TrendLabs blog post. Attackers prey on the vulnerabilities in legitimate websites to embed malicious code, accordi......
[more] Javascript to be next core malware language The demand Web 2.0 has placed on browsers to become more interactive and act as a portal rather than a viewing platform is opening up new vulnerabilities, Itzik Kotler, team leader of the Security Operation Center at IT security firm Radware, has warned. As well as developing new signatures and analytics tools for Radware scanning software, Kotler also works on finding new classes of vulnerabilities before they appear in the wild. One such security hole......
[more] Finjan reveals how corporate data is stolen and stored by Cybercriminals Finjan today announced that its Malicious Code Research Center (MCRC) has documented step-by-step how corporate data is being stolen and stored on remote servers owned by criminals. In its October 2008 Malicious Page of the Month report, Finjan describes how a corporate user, while browsing the web for his regular business needs, got infected with a Trojan. The individual who worked for a large media company was just brow......
[more] ICANN to terminate notorious registrar's credentials after all After a brief delay, the non-profit group that oversees the internet's address system has decided to proceed with plans to revoke the credentials of EstDomains, a domain name registrar with a reputation for catering to cyber criminals. In a notice posted Wednesday, the Internet Corporation for Assigned Names and Numbers said EstDomains would lose its registrar accreditation on November 24. It cited the conviction of EstDomains Presi......
[more] Microsoft to offer free consumer security suite Microsoft on Tuesday said it is changing its strategy for offering PC antivirus software, with plans to discontinue its subscription-based consumer security suite and instead offer individuals free software to protect their PCs. Code-named Morro, the new offering will be available in the second half of 2009 and will protect against viruses, spyware, rootkits, and Trojans, the company said in a statement. With the arrival of Morro, Microsoft pla......
[more] Military's ban of USB thumb drives highlights security risks The U.S. Department of Defense has banned USB drives and other removable media devices after a worm infiltrated Army networks. “All units are not allowed to use any USB mass storage devices, which includes everything from hard drives to cameras to some printers,” an Army lieutenant told SCMagazineUS.com in an email on Thursday. Wired, citing internal U.S. Army emails, first reported the story, reporting that a variation of the worm......
[more] From phishing scams to pharming Recent press abounds with new, ‘innovative’ spam and phishing attacks. For years it was just email that organisations had to fear, but this has changed rapidly with attacks now appearing from all directions. Instant messaging, message boards, blogs and, of course, social networks are now all prime spam and phishing waters. In November, for example, the press recognised the true scale of Facebook as a phishing medium and the increasing number of users being target......
[more] Malware authors play Mario on Daily Mail website An advertising network used by the Daily Mail website is being used to serve up malware. We passed on a reader tip about a possible infection on DailyMail.co.uk to anti-virus firm Sophos, which confirmed that a strain of the Mario family of worms was being offered by an Israeli advertising network used by the Daily Mail. The tainted ads are the work of malicious hackers who somehow succeeded in injecting redirection scripts into the ad network.......
[more] New trojan in mass DNS hijack Researchers have identified a new trojan that can tamper with a wide array of devices on a local network, an exploit that sends them to impostor websites even if they are hardened machines that are fully patched or run non-Windows operating systems. The malware is a new variant of the DNSChanger, a trojan that has long been known to change the domain name system settings of PCs and Macs alike. According to researchers with anti-virus provider McAfee's Avert Labs, t......
[more] How to use public Wi-Fi safely Sandwich chain Pret A Manger became the latest venue to announce free wireless internet access this week. But while public 'hotspots' are growing in number, free bandwidth comes with an element of risk, warns security specialist David Hobson. Once you are associated to an access point, you are on the same network as others connected to the same access point, in the same way as plugging into the same network segment. A simple network discovery will show who else is......
[more] Internet needs global regulation, says researcher The Internet needs to be globally regulated if it is to have any chance of stopping scams such as security ‘scareware', a researcher has suggested. According to Mary Landesman of ScanSafe, the recent Federal Trade Commission (FTC) injunctions against two companies accused of distributing fake anti-virus programs is a step in the right direction but against a backdrop of widespread abuse. Landesman was referring to the recent case against US outf......
[more] 'Boom year' for hi-tech criminals If 2007 was witness to the rise of the professional hi-tech criminal, then 2008 was the year they got down to work. "The underground economy is flourishing," said Dan Hubbard, chief technology officer at security company Websense. "They are not just more organised," said Mr Hubbard, "they are co-operating more and showing more business savvy in how they monetise what they do." Statistics gathered by firms combating the rising tide of compute......
[more] Microsoft redirect aids boost fake anti-virus scam A new player has entered the fake anti-virus market - with a little bit of help from Microsoft and the US Internal Revenue Service. Over the past four days the scammers have used so-called redirector links on Web sites belonging to magazines, universities and, most remarkably, the Microsoft.com and IRS.gov domains, said Gary Warner, director of research in computer forensics with the University of Alabama, who first reported the activity on his......
[more] Windows 7 beta fights with anti-virus programs Users trying the Windows 7 beta who keep their computers safe with McAfee virus protection are in for a bit of disappointment -- and a loss of security. According to a Channel Web report, when you try to run McAfee Total Protection in the Windows 7 beta, an error message pops up. "The version of Windows installed on this machine is not supported. Please refer to the product documentation for a list of supported operating systems." McAfee's anti-vir......
[more] President Obama's website serving malware US President Barack Obama ran a successful Web 2.0 campaign last year. Now, as leader, he's got to deal with a very Web 2.0 problem: hackers abusing the social-networking features of his website. Hackers have registered bogus accounts on Obama's online community, my.barackobama.com, where they are posting images designed to set off a chain of events that lead to malicious Trojan horse programs. These programs are stepping stones used by hackers to downl......
[more] Parking ticket leads to a virus Hackers have discovered a new way of duping users onto fraudulent websites: fake parking tickets. Cars in the US had traffic violation tickets placed on the windscreen, which then directed users to a website. The website claimed to have photos of the alleged parking violation, but then tricks users into downloading a virus. Anti-virus firm McAfee says the Vundo Trojan then gets users to install a fake anti-virus scanner. Vehicles in Grand Forks, North Dakota were......
[more] New Windows virus attacks PHP, HTML, and ASP scripts Researchers have identified a new strain of malware that can spread rapidly from machine to machine using a variety of infection techniques, including the poisoning of webservers, which then go on to contaminate visitors. The malware is a variation of a rapidly mutating virus alternately known as Virut and Virux. It has long proved adept at injecting itself into executable files, which are then able to attack uninfected machines through netwo......
[more] Experts sound scam threat warning Experts are warning of an increase in the number of fake anti-virus websites. Hackers are tricking people with a false warning, saying that the computer is infected with a Trojan and getting users to buy a fake anti-virus product. A number of sites were closed last year when authorities in the US took action to stop sellers of "scareware". But despite the closures, the number of sites continues to grow, with one expert saying it was "the biggest......
[more] Rogue Facebook Application Uses Fake Terms of Service Alert to Target Users For the second time in less than a week, Facebook users have fallen victim to a widespread attack due to malicious third-party applications. The latest attack is sending out notifications that users are in violation of Facebook's Terms of Service. For the second time in less than a week, Facebook has been forced to squelch a rogue application targeting users of the site. In the most recent attack, Facebook users receive......
[more] Camelot dismisses lottery website hack claims Camelot maintains the National Lottery website it runs is secure, following the publication of a supposed breach on an underground hacking forum. The same Romanian group that discovered SQL injection problems on the website of Kaspersky, BitDefender, and other anti-virus vendors in recent weeks has posted screen shots of supposed flaws on the national-lottery.co.uk site. Unu, a member of the hacker group, claims that "an unsecured parameter all......
[more] German office for information security claims internet safety is poor, as almost half of users are unprotected Security levels on the internet have been described as ‘catastrophically poor'. A representative of the German government made the claim at the CeBIT Computer Fair in Hanover, with BSI chief Hartmut Isselhorst claiming that as soon as a user goes online they become a target. Yuval Ben-Itzhak, chief technology officer at Finjan, said: “Research from the BSI, the German federal off......
[more] Online brand abuse 'on the rise' Online abuse of the world's top brands is rising, according to a report. Cyber-squatting - in which someone registers a domain name with the aim of selling it on at a later date - remains the most common form of abuse. Cyber-squatting rose by 18% in 2008, to 1,722,133 reported incidents, according to brand specialist MarkMonitor. The study also found that 80% of sites identified in 2007 as "abusive" were still in existence today. The report suggests th......
[more] Online attackers feed off Norton forum purge Quick-moving attackers took advantage of a glitch in an update for Symantec anti-virus software, using an information vacuum that followed as an opportunity to lure panic-stricken users to websites that tried to install malware on their computers. The glitch began around 4:30 pm California time on Monday, when Symantec engineers accidentally distributed a software update for older versions of the Norton Anti-Virus that had not been digitally signed.......
[more] Holes in the machine Malicious software may just be a property of the network, says regular contributor Bill Thompson. "The Conficker worm will be active again on 1 April, according to an analysis of its most recent variant, Conficker.C, by the net security firm CA." "This malicious piece of software, also known as Downup, Downadup and Kido, spreads among computers running most variants of the Windows operating system and turns them into nodes on a multi-million member "botnet" o......
[more] New Waledac spam falsely warns of bomb blasts Normally capitalizing on current events and holidays to spread its seed, the Waledac trojan now has turned to the message of fear. Security companies warned Monday of a new malware campaign in which the Waledac botnet creators are distributing emails that falsely claim the recipient's city has been the site of a bomb blast. The emails contain a link that leads to a malicious -- but real looking -- site, complete with the logo for news agency Reuters......
[more] Big jump in online banking fraud Software allowing fraudsters to track what you type led to the level of online banking fraud more than doubling in 2008, according to a banking body. Fraudsters use a device called keylogging - when keystrokes on a computer are tracked to gather passwords and credit card numbers. Online banking fraud jumped to £52.5m last year, up from £22.6m in 2007, said UK payments association Apacs. Total fraud losses on UK debit and credit cards rose by 14% to ......
[more] Ukrainian cybercriminals raked in $10K/day, Finjan reports Ten thousand eight hundred dollars per day for cybercrime jockeys? That's what security vendor Finjan says it witnessed during its 16-day infiltration of a cybercrime operation, based in the Ukraine, that involved selling bogus anti-virus software. "If someone gets over $10,000 per day in cybercrime, it explains why they want to do a lot of it," says Yuval Ben-Itzhak, Finjan's CTO. The crime operation broke into Web sites and e......
[more] Companies encouraged to take 1st April Conficker attack seriously The rumoured Conficker attack on 1st April has been described as ‘no joke'. Jose Nazario, manager of security research at Arbor Networks, claimed that it had been a ‘busy three weeks' in researching the next likely actions of the worm, which hit an estimated nine million computers at the beginning of the year. Nazario said: "Many businesses have checked their security to make sure that they will be covered, the 1st April may......
[more] Security firms reflect on 10th anniversary of Melissa Today sees the 10th anniversary of the notorious Melissa virus that infected email servers across the globe, and forced a step change in the way anti-virus companies react to threats. Melissa was allegedly named after a lap dancer whom David L. Smith, the virus's creator, met in Florida. The malware sent an infected email entitled 'Here is that document you asked for ... don't show anyone else;-)', via Microsoft Outlook to the first 50 email......
[more] Cyber-espionage: a real and present threat A cyber spy ring targeting government and business computers containing sensitive information in over 100 countries grabbed the headlines this week, but the latest attacks are nothing new or unusual, say investigators. UK businesses are still shocked when they discover they have been infiltrated by cyber-espionage operations, but experts warn that this sort of infiltration happens all the time. The headline-grabbing spy operation, dubbed Ghostnet, is de......
[more] Cache-poisoning attack snares top Brazilian bank One of Brazil's biggest banks has suffered an attack that redirected its customers to fraudulent websites that attempted to steal passwords and install malware, according to an unconfirmed report. According to this Google translation of an article penned in Portuguese, the redirection of Bradesco was the result of what's known as a cache poisoning attack on Brazilian internet service provider NET Virtua......
[more] Conficker.E set to self-destruct next week The latest version of Conficker is set to self-destruct next week according to security researchers. F-Secure, Trend Micro and SecureWorks are among those that believe Conficker.E - first spotted this April and probably created by the same attackers that since last fall let loose the Conficker.A through Conficker.C variants - has been designed to simply self-detonate on 5 May. "It will simply self-destruct," said Mikko Hypponen, chief researc......
[more] Celebrity Viruses Improve Security Every so often, a computer virus becomes more than just a novelty for anti-virus researchers and moves into the consciousness of the mass media, even if it's not a grave threat. The recent Conficker outbreak is a fantastic example of this. While only a small fraction of all PC users were infected with the worm, a great deal of media coverage was devoted to the outbreak. Any user affected by Conficker was likely already compromised by the time they heard about......
[more] US 'should go on cyber-offensive' A US Air Force officer has told the BBC that his country should create an offensive botnet to target any forces that launch a cyber-attack against it. Speaking on Radio 4's The Report, Col Charlie Williamson said the US was currently in "defensive mode" on cyber-warfare and that needed to change. "[Armies] have always had some form of offensive capability. And that's really all I'm calling for," he said. Col Williamson stressed he was speaking in a......
[more] Botnet discovered by Finjan contained 73 government domains A recently discovered botnet that contained 1.9 million infected computers contained 73 government domains. Finjan's UK regional director Tim Warner claimed that when it was discovered in February it was one of the largest botnets to be found and identified. Further analysis revealed that 45 per cent of the domains were in the computing and internet sector. Warner said: “Conficker claimed to have many more infections but they wer......
[more] When good security kills performance Continuing on my recent theme of security pain points, I'm finding that many companies suffer horrible log-on delays because of their computer security defenses. I'm not talking about a minor inconvenience. I'm documenting 8- to 10-minute boot-ups and log-ons versus 1.5 minutes without the host-based firewall or anti-virus software that's getting in the way. It doesn't matter which operating system the end-user is running. The problem affects both Windows and......
[more] Adobe's PDF vulnerability patched Security researchers say Adobe's PDF vulnerability, which was fixed Tuesday, is more of a pressing issue than Microsoft's PowerPoint vulnerabilities fixed the same day. Adobe issued Windows updates for Reader and Acrobat versions 7, 8 and 9 and Macintosh and Unix updates for versions 8 and 9 for a vulnerability in Reader and Acrobat. The company said updates for Adobe Reader and Acrobat 7 for Macintosh are scheduled to be available before the end of June, accord......
[more] Steps to mitigate Web 2.0 security risks Love or loathe it, businesses can’t ignore the Web 2.0 phenomenon. As LinkedIn, Facebook, Twitter, wikis, blog sites, Flickr, music sharing and other collaborative applications have eased their way into peoples’ working lives, companies are having to work through the security implications. These applications change the way people interact, blurring the line between what’s business and what’s personal. They allow people to put more data on the......
[more] Trend Micro 'de-lags' SMB anti-virus Trend Micro has released a new version of its ‘Worry-Free' SMB security suite, putting the focus on a design it says will greatly improve the software's updating speed. Worry-Free Business Security version 6.0 can ‘buffer' up to 80 percent of the program's detection engine on a server, freeing up the client PCs from having to run burdensome routines, the company said. As with any anti-virus server setup, it can also buffer updates, feeding them to......
[more] Conficker infects 50,000 more PCs every day The Conficker worm is still infecting systems at a brisk rate and continues to infect 50,000 computers per day, including many in Fortune 1000 top US companies. By Robert McMillan The worm is infecting about 50,000 new PCs each day, according to researchers at anti-virus supplier Symantec, which reported yesterday (20 May) that the US, Brazil and India have been hit the hardest. "Much of the media hype seems to have died down around Conficker/Downadup,......
[more] YouTube hit by links that lead to malicious download sites Following reports that YouTube has been hit by new uploads featuring pornographic content, PandaLabs has claimed that almost 5,000 videos on the video-sharing site contain comments with links to a malicious webpage. The company claimed that such attacks have previously been seen, to a lesser extent, on sites including Digg.com and Facebook and now links have been detected that point to a webpage designed to download malware. The comments......
[more] Gumblar 'botnet' continues to grow as new variants detected The Gumblar attack is continuing to hit websites with new variants detected in Japan. Mary Landesman, senior security researcher at ScanSafe, claimed she had received correspondence claiming that the research on Gumblar ‘sounded very much like the GENO reports that had also been circulating in Japan. And as it turns out, indeed they were the same.' "ScanSafe termed the compromises Gumblar because that was the name of the secon......
[more] PC-pwning infection hits 30,000 legit websites And counting A nasty infection that attempts to install a potent malware cocktail on the machines of end users has spread to about 30,000 websites run by businesses, government agencies and other organizations, researchers warned Friday. The infection sneaks malicious javascript onto the front page of websites, most likely by exploiting a common application that leads to a SQL injection, said Stephan Chenette, manager for security research at securit......
[more] Twitter becoming 'security nightmare' Twitter mined by new scareware attack The latest attack to hit Twitter is a "security nightmare" and marks the first time hackers have taken to using the micro-blogging site for profit, a researcher said today. Unlike earlier cross-site scripting attacks on Twitter, the latest wasn't a worm, said Roel Schouwenberg, a senior anti-virus researcher with Moscow-based Kaspersky Lab. Instead, it's something even scarier: The first instance of hackers ser......
[more] McAfee downplays service pack fail Virus update leaves PCs unbootable A recent McAfee service pack led to systems being rendered unbootable, according to posts on the security giant's support forums. The mandatory service pack for McAfee's corporate Virus scanning product, VSE 8.7, was designed to address minor security bugs but instead tagged Windows system files as malware. The software update was issued on 27 May and pulled on 2 June, after problems occurred. Users were advised to keep the p......
[more] Could a positive note be struck out of the RMT strike for business practice? For those of you located in the capital you will undoubtedly be impacted by the RMT strike action that has caused chaos in London. I am not about to get into political debate about the rights and wrongs of the strike, but much like when Britain was hit by snowstorms earlier this year, the inability to get to the office does bring about the conversations on remote access and the security implications. Steve Watts, co-fo......
[more] Nine Ball attack strikes 40,000 Web sites More than 40,000 Web sites have been hit by a mass-compromise attack dubbed Nine Ball that injects malware into pages and redirects victims to a site that will then try to download Trojans and keylogger code, Websense said today. According to Websense, which has tracked Nine Ball for a week and a half, the compromised Web site, loaded with malware, will first try to identify a Web visitor by IP address to discover if it’s a repeat visitor. To e......
[more] Michael Jackson's death exploited by cybercriminals Always quick to capitalize on major headlines, spammers have begun sending out messages related to the deaths of Michael Jackson and Farrah Fawcett, security researchers said. Jackson's death is being exploited by cybercriminals hoping to infect users with a trojan or to trick curious spam recipients into unwittingly revealing their personal information. Shortly after Jackson's death was confirmed, the SANS Internet Storm Center predicted that......
[more] PCs hit by Michael Jackson malware It didn't take long. Security researchers are reporting that hackers have begun to use the death of pop star Michael Jackson to infect people's PCs, just as they predicted. Starting late last week and continuing today, messages posing as breaking news alerts from the likes of CNN and the Los Angeles Times have been reaching users' mailboxes, said several security companies, including Sophos, Symantec and Trend Micro. Some of the messages, which have appeared o......
[more] Torrentreactor breach serves potent exploit cocktail Torrentreactor has long been regarded as one of the top bit torrent search engines, and with the demise of The Pirate Bay, it's likely bigger than ever. Now, it's been breached and is serving a potent cocktail of exploits to people browsing the site, Websense Security Labs says. Attackers have managed to inject an iframe into the site that scours Torrentreactor visitors' computers from a long list of vulnerable applications, including Adobe's......
[more] The one essential truth of computer security Who doesn't love that scene in "A Few Good Men" in which Jack Nicholson's character tells Tom Cruise's character, "You can't handle the truth. I have neither the time nor the inclination to explain myself to a man who rises and sleeps under the blanket of the very freedom I provide, and then questions the manner in which I provide it. I would rather you just said 'Thank you' and went on your way." I often feel like I'm acting out that scenario when s......
[more] Cybercrooks descend on Twitter with spam, attacks Cybercriminals are rapidly using Twitter — the popular Web-messaging service — to direct users to websites that sell porn and fake drugs and trigger promotions for fake anti-virus subscriptions. "We're starting to see a groundswell of attacks," says Dan Hubbard, chief technology officer at Websense, an Internet security firm. "Spam is usually the first bad thing we see before it escalates to things more nefarious." An escalatio......
[more] Forget spam - tackle e-mail holistically When your mission is to be the pre-eminent empowerment stockbroker on the Johannesburg Stock Exchange (JSE), but you need to relocate your premises, move to a new Internet service provider, figure out how to provide business continuity while being plagued by the nuisances of spam and viruses, you need to look at innovative software as a service (SaaS) solutions to make it happen. Unified E-mail Management (UEM) to solve the company's spam and e-mail headach......
[more] ImageShack hit by hacking group who call for an end to full-disclosure The image-hosting site ImageShack was compromised over the weekend. Rik Ferguson, senior security advisor at Trend Micro, wrote on the Countermeasures blog that a group calling itself Anti-Sec exploited the site with a declaration posted to the full-disclosure mailing list. Ferguson said: “The effect of the attack was to replace many of the hosted images with a single (amusingly titled) image containing the Anti-Sec ma......
[more] Check Point endpoints get 'sandboxed' browser Check Point customers will this week get their hands on the latest version of the company's endpoint security client, R72, which features a new security-boosting ‘sandbox' browsing mode. The new WebCheck technology in R72 uses a mixture of approaches to keep corporate web browsing within certain safe limits, the company said. These included heuristic security checks based on ‘signatures' of known malware websites, analysis of unknown ones fo......
[more] AV vendors fight 'scareware' with new whitelist Security vendors have decided to take on the plague of bogus anti-virus software circulating on the Internet by creating a public list of legitimate vendors and programs. Run from the website of the Common Computing Security Standards Forum (CCSS), an organisation set up in March of this year by Comodo CEO and chief security architect, Melih Abdulhayoglu, the purpose is to give ordinary Internet users something with which to check programs and......
[more] Webcams, printers, gizmos - the untold net threats Forget mis-configured Apache servers and vulnerability-laden Adobe applications. The biggest security threats to business and home networks may be the avalanche of webcams, printers, and other devices that ship with embedded web interfaces that can easily be turned against their masters. The web interfaces are designed to make it easy to manage the devices by allowing people to use a readily familiar medium to change settings such as file names......
[more] Almost all Windows users at risk from Adobe bug More than 9 out of every 10 Windows users are vulnerable to the recent Flash zero-day vulnerability according to a Danish security company. Adobe has said that it won't patch the flaw until this Thursday. Secunia said that 92 percent of the 900,000 users who have recently run the company's Personal Software Inspector (PSI) utility have Flash Player 10 on their PCs, while 31 percent have Flash Player 9. (The total exceeds 100 percent because some u......
[more] Booming scareware biz raking in $34m a month Fraudsters are making approximately $34m per month through scareware attacks, designed to trick surfers into purchasing rogue security packages supposedly needed to deal with non-existent threats. A new study, The Business of Rogueware, by Panda Security researchers Luis Corrons and Sean-Paul Correll, found that scareware distributors are successfully infecting 35 million machines a month.
[more] July sees spam continuing to dominate emails as websites are compromised Threat reports for July show that spam continues to be sent at a high level with image spam and phishing still in high figures. Websense's July threat report claimed that there was a series of compromises of high-profile websites in a month it claimed was 'huge for zero-day attacks and critical vulnerabilities'. Websense Security Labs claimed that both the Center for Defense Information and Torrent Reactor websites were co......
[more] Twitter transformed into botnet command channel For the past couple weeks, Twitter has come under attacks that besieged it with more traffic than it could handle. Now comes evidence that the microblogging website is being used to feed the very types of infected machines that took it out of commission. That's the conclusion of Jose Nazario, the manager of security research at Arbor Networks. On Thursday, he stumbled upon a Twitter account that was being used as part of an improvised update serve......
[more] Two ways to be a super IT security admin A friend/coworker and I were on a team that was trying to win over a huge customer. Our team was presenting all the found problems to the client's senior management executives that day. Our leader was the main speaker; my friend and I were on hand in case some technical questions arose that the team leader couldn't answer. Early on, the meeting turned hostile, and our team leader appeared unprepared for all the executive's questioning and pushback. My fr......
[more] Trend Micro slims down anti-virus systems Security vendor Trend Micro is looking to launch an anti-virus suite designed to keep computers running smoothly while still protecting them from malware. The company said that Internet Security 2010 will reduce the footprint of anti-virus software, allowing systems to run faster and with fewer interruptions. Erik Hutslar, director of consumer product management at Trend Micro, explained that the move addresses a common complaint that anti-virus softwar......
[more] Conficker borks London council An Ealing council employee infected the UK local authority's IT systems with the Conficker-D worm after he plugged an infected USB into a work computer, causing tens of thousands of pounds in damages in the process. The May incident took several days to clean-up and landed the west London council with a bill of £500,000 in lost revenue and repairs, The Guardian reports. Because IT systems were borked, the council was unable to process more than 1,800 parking......
[more] Malware writers piggyback on 9/11 anniversary Malware writers have hooked onto the anniversary of the 11 September tragedy to spread malware via false virus messages. Malware writers are either registering new web pages and filling them with terms relating to the event, or breaking into existing web sites and adding terms to rise higher on search engine rankings. They are using these pages to host false antivirus alerts, where users get a window appear telling them they are infected and offerin......
[more] Zbot evades most anti-virus programs The banking trojan Zbot, which is one of today's most prevalent financially-motivated trojans, is not detected or removed by most anti-virus programs because of its ability to morph, according to a report issued by internet security firm Trusteer. A study of 10,000 Zbot-infected computers conducted this month revealed that a majority were running an up-to-date AV program, Mickey Boodaei, CEO and founder of Trusteer, told SCMagazineUS.com. 55 percent of Zbot-......
[more] Sharp rise in click fraud as botnet evades filters There has been a spike in click fraud thanks to a new botnet that is eluding the most sophisticated filters of search engines, web publishers and ad networks, according to a web security company. Click Forensics, which provides services to monitor ad campaigns for click fraud, said that the botnet's architects had figured out a way to mask it particularly well as legitimate search ad traffic.
The company is calling this the "Bahama botnet" beca......
[more] Conficker baffles security experts Security experts have admitted that the Conficker worm has baffled them. The worm has infected more than five million computers in a botnet that is powerful enough to take out the internet in Australia, according to the Sydney Morning Herald. Rodney Joffe, a director of the Conficker Working Group formed to defeat the worm, said, "The general agreement in the security world is that Conficker is the largest threat facing us from a cyber crime point of view. It......
[more] Security firms battle world's biggest spam campaign Computer users in the US are finding there's someone to fear even more than the tax man. They're being spammed by criminal gangs, preying on users' fears of the tax authorities, leading them to install malicious software. Security researchers estimate that the campaign has already enriched criminals by millions of dollars. The spam campaign, entering its third week now, is showing no signs of slowing down, according to Gary Warner, director of......
[more] UK SMEs happy to rely on free security tools Small and medium sized businesses (SMBs) across the UK are the thriftiest when it comes to IT security, and spend less than any of their counterparts from other countries in Europe, according to research by cloud security firm Panda Security. The survey found that almost 98 per cent of UK SMBs spend less than £1,000 a year on security software, and around half spend less than £300 a year.
Some 57 per cent of UK businesses surveyed use fre......
[more] How to remove Conficker virus A lot of really good research has been published about the Conficker worm, its many forms, infection vectors and speculation as to what it’s going to do next. But what seems to be missing is the operational side of fighting Conficker. What signs would you expect to see, how do you really fight it and what can you possibly do to prevent it? Here's a fictional case study that may be of help.
Day one: Why is my account getting locked out?
You come in to the office thi......
[more] Who's afraid of malware? Four in 10 have never had a virus Despite an ever-increasing amount of malware in the wild, almost four in ten respondents to a silicon.com poll have never been hit by a virus. The poll, which asked readers when their PC was last infected, found 39 per cent of respondents claim their machine has never fallen victim to a virus, while a further 41 per cent of people's PCs were last infected between one and five years ago. The poll suggests that successful virus attacks co......
[more] Fake Antivirus: 5 software titles you should definitely NOT install We take a closer look at some of the more common scareware traps; what to look out for, how to identify the fakes and 5 rogue security software packages you should try and avoid at all costs. Bogusware, scareware or rogueware - whatever you prefer to call them, are all different names given to describe roughly the same thing: rogue security products that masquerade as the real thing.
According to numbers published by the Anti-P......
[more] Scam hits more e-mail accounts The scale of a phishing attack originally thought to be directed at Hotmail may be larger than previously thought. BBC News has seen a list of more than 20,000 more names and passwords that have been posted online. The list contains e-mail addresses and passwords from Hotmail, Yahoo, AOL, Gmail and other service providers.
The list was published on the same website as the original list of 10,000 Hotmail login details.
Some of the accounts appear to be old, unused......
[more] Q&A: Nick Lowe, Check Point head of northern Europe V3.co.uk sat down with Nick Lowe to discuss the need for consolidation in the security space, and the effects of the recession. V3.co.uk: What are your customers most worried about in these current times? Nick Lowe: There are probably three main things I'm hearing on a regular basis. The first relates to what a security infrastructure will look like going forward. This gets exaggerated the more senior you go in an organisation. Cloud computing,......
[more] Inhibiting employee use of Web 2.0 applications is a double edged sword With strong evidence now emerging that allowing employee access to Web 2.0 sites is beneficial, many organisations are starting to reverse their decisions to ban the new internet. However, with no controls in place to manage sites accessed and content posted, companies are still in danger from data leaving undetected, employees posting negative and possibly libellous comments and escalating bandwidth usage. Organisations th......
[more] Web mail scam propagates itself The industry-wide phishing scam that has affected popular web mail services such as Hotmail and GMail, is spreading, according to experts. Security firm Websense says it has noticed a sharp rise in spam e-mails from Yahoo, Gmail and Hotmail accounts. This is because infected accounts are sending personalised e-mails to contacts suggesting shopping sites, which are in fact fakes.
Security expert Carl Leonard warned people to be on their guard.
He advised people to......
[more] Twitter bans security maven for sharing naughty link A well known security researcher was banished from Twitter for more than two days for including the address of a malicious website in a two-month-old dispatch. On Tuesday, Mikko Hypponen, chief research officer for anti-virus provider F-Secure, found his Twitter account suspended with no explanation. Every one of his tweets had been erased, and those trying to visit his page found a message that said: "Sorry, the account you were headed to ha......
[more] Fake antivirus attacks PCs with ransom demand The Fake antivirus phenomenon has taken an unpleasant turn with the discovery of a Windows program that not only cons users into buying an unnecessary license but appears to lock files and applications on the victim's PC. According to security company Panda Security, rogueware program Total Security 2009 starts out in conventional fashion with the ‘discovery' of a non-existent malware infection for which it demands an unusually ambitious $79.9......
[more] New Halloween-themed spam just the first fright With Halloween nearing, users should be on alert for spam and other attacks exploiting the holiday, and experts expect social network websites to serve as a major vector this year. So far, one Halloween-themed spam campaign offers readers the opportunity to earn money from home, according to anti-virus vendor Trend Micro.
"Happy Halloween!" the message reads. "Make it even sweeter with some EXTRA CASH in your candy bag!"
The message contains a lin......
[more] Windows 7 security: Five things you should know Microsoft says Windows 7 is the most secure version of the Windows operating system ever developed. Big deal, right? I am pretty sure that Microsoft has made that claim for every new version of Microsoft Windows in the past 15 years, and that it is a valid claim. What else would you expect? Is Microsoft going to come out with a new operating system and make it less secure than its predecessor? I think not. Still, while the marketing around Windows......
[more] Rogue anti-virus levels are at highest recorded in more than a year Levels of scareware, or rogue anti-virus, have been the highest recorded according to Fortinet. In its October 2009 Threatscape Report, author Derek Manky claimed that the total detected malware volume is at its highest in more than a year following a ‘significant' surge towards the end of September leading through October. He claimed that the main contributors were all rogue security downloaders. Manky said: "In our last recap......
[more] Switchers Guide: Understanding Mac security When it comes to security, using Windows can feel like living in the heart of a big city--the kind of place where you can install all the locks and alarms you want, but you still worry. The vast number of computer users who run Microsoft operating systems form the biggest, juiciest target cybercriminals could dream of. Which is why there are more than twenty-two million unique examples of Windows malware out there. Using the Mac, by contrast, is like......
[more] Companies must educate employees about the risks of online shopping and remind them of their security policy The potential danger of shopping online is that it can open the door to viruses, spam and phishing attacks that invade the workplace and cost enterprises thousands per employee in lost productivity and potentially millions in destruction or compromise of corporate data. Employees plan to spend nearly two full working days (14.4 hours) on average shopping online from a work computer this......
[more] Security study exposes enemy within The extent of the security threat posed by negligent employees has been exposed in a study by the Ponemon Institute. Ponemon’s State of the Endpoint survey, which was backed by security vendor Lumension, quizzed more than 3,000 IT professionals in the UK, US, Germany and Australia. Six out of 10 respondents said they lose sensitive data as a result of negligent employees, while nearly three in 10 have suffered malicious theft of sensitive data by employees.......
[more] New zero-day IE exploit on the loose Internet Explorer is reeling from yet another zero-day exploit, this time causing the browser to crash or tricking users into visiting a malicious web page. The new exploit, which was published to the BugTraq mailing list at the weekend, affects Internet Explorer 6 and 7, according to Symantec researchers. Symantec said that the malware exhibits signs of "poor reliability", but that a "fully-functional reliable exploit" is likely to be available soon.
The is......
[more] Phishing emails featuring Trend Micro logos discovered Phishing emails that claim to come from vendor Trend Micro have been detected. The emails feature the subject line ‘malware blocking tests put Trend Micro on top', and proceed to "inform" users about recent NSS Labs tests which found that new reputation-based anti-virus systems are doing a better job of blocking malicious software than their predecessors. In the tests, Trend Micro's software improved by 23 per cent with the system active. H......
[more] Five ways to lose your identity (and wallet) this holiday season The holiday season is almost here, and even in a recession, huge numbers of people will likely be shopping online for gifts this year. The rush by shoppers to the Web makes the season a great time for online retailers. It's also a great time for hackers looking to steal data and money from the unwary millions expected to search for great deals online. The growth of holiday hackers has annually prompted security analysts, identity......
[more] Check Point acquires FaceTime classification and signature database to secure Web 2.0 applications The momentous growth of Web 2.0 platforms and the benefits gained through their use introduces significant new compliance and policy challenges. Government agencies and corporations worry about sensitive information leaking out over Twitter or Facebook and organizations now face new rules, from regulatory bodies such as FINRA, specifically relating to content posted to social networks. Check Point......
[more] Malware hidden in English language text How hackers could evade antivirus protection. A team of US security researchers have engineered a way of hiding malware in sentences that read like English language spam. The work is a breakthrough because current network security techniques work on the assumption that the code used in code-injection attacks, where it is delivered and run on victims’ machines, has a different structure to non-executable plain data, such as English prose. One of the resear......
[more] Call sounded for anti-spam collaboration Security testing firm Virus Bulletin (VB) is calling on anti-spam vendors to work with one another to beat spam. The company said on Monday that its latest round of spam tests suggested that vendors could provide better protection for all users if they were to collaborate when developing anti-spam tools. VB said that the results of the latest round of anti-spam tests showed that if vendors were to share data on blocked messages everyone would benefit.
Th......
[more] Swine flu botnet causes chaos A spam campaign that poses as a message from the Centers for Disease Control (CDC) asking people to register for H1N1 vaccinations continues to be a major problem, according to a security researcher. The messages lead unwary users to a convincing-looking CDC site where they're asked to create a profile in order to receive a vaccination for the swine flu, which has made headlines for both its aggressive spread and a lack of vaccine. The site urges users to download......
[more] Scammers scrape RAM for bank card data Forget keyloggers and packet sniffers. In the wake of industry rules requiring credit card data to be encrypted, malware that siphons clear-text information from computer memory is all the rage among scammers, security researchers say. So-called RAM scrapers scour the random access memory of POS, or point-of-sale, terminals, where PINs and other credit card data must be stored in the clear so it can be processed. When valuable information passes through, i......
[more] FBI warns of scareware threat In another indication of the growing prevalence of fake Anti Virus scams, the FBI has released an advisory on so-called scareware. The US body’s Internet Crime Complaint Centre (IC3) yesterday released an Intelligence Note which warned users that although these pop-up security warnings look authentic and sometimes even appear to be running a real-time anti virus scan of the user’s computer, they are not to be trusted. "The scareware is intimidating to most users and......
[more] Make sure employee online Christmas shopping doesn't become a business security issue This Christmas, with online sales expected to reach £5 billion, perhaps shoppers can learn a few lessons from the Ghosts of the Charles Dickens classic, A Christmas Carol. As the Christmas shopping season gets underway, most Internet users won't benefit from a visit from the Ghost of Christmas Past to warn them of the dangers of online shopping – a perennial target of cybercriminals attempting to steal confide......
[more] Scareware scammers exploit Brittany Murphy's death Actress Brittany Murphy's sudden death, just like Michael Jackson's untimely demise before her, has quickly been exploited by scareware scammers. A spike in searches on Murphy's death has been taken as a theme for Black Hat SEO attacks, designed to push sites that have been hacked to redirect surfers to scareware portals into prominence in search engine results. Windows users who click on links to poisoned search results get exposed to a fake a......
[more] Looking back at malware in 2009 2009 was the year in which nobody that uses the Internet could afford not to educate him/herself about the dangers that lurk in the inbox, in Google's search results, on the social networks they use, and sometimes even on their favorite news site. This year has definitely been marked by the increase of malware being delivered directly to your door (so to speak). So, let's see what were the major threats.
Conficker
Also known as Kido, Downadup or Downup, this worm......
[more] 2010 predictions: Security The security landscape is a complex, multi-layered one that changes more subtly and indefinitely than the seasons. It is therefore hard to predict security trends with any degree of certainty. That said, by looking back at the security developments of the past year and talking to security experts, we believe we have come up with a list of key trends that any IT leader worth his or her salt would be wise to keep an eye out for in 2010. Spam, botnets, social networks -......
[more] Waledac spreading through fake New Year's e-cards Cybercriminals behind the Waledac botnet have begun using a New Year's-themed campaign to capture more victims, security experts warned. The botnet is spreading spam messages that contain the subject line “Happy New Year 2010” and provide a link for what the email claims to be a New Year's greeting card, Mikko Hyppönen, chief research officer at anti-virus provider F-Secure, told SCMagazineUS.com. The campaign began last week. If followed, the......
[more] 54% of companies planning to deploy mobile antivirus in 2010 More than half of companies are planning to deploy mobile anti-virus products and services this year. According to the second part of the Mobile Security 2009 Survey by Goode Intelligence, 54 per cent of the organisations surveyed plan to deploy mobile anti-virus products and services, with 33 per cent planning to deploy mobile anti-virus products and services by March 2010. The remaining 67 per cent plan to deploy by September 2010.......
[more] Chrome sets browser security standard, says expert All browser makers should take a page from Google's Chrome and isolate untrusted data from the rest of the operating system, a noted security researcher said today. Dino Dai Zovi, a security researcher and co-author of The Mac Hacker's Handbook, believes that the future of security relies on "sandboxing," the practice of separating application processes from other applications, the operating system and user data. In a Wednesday entry on Kaspers......
[more] Hackers ran detailed reconnaissance on Google employees The hackers who infiltrated the computer systems of Google earlier this month first carried out sophisticated reconnaissance and may even have posed as friends of Google employees, according to McAfee chief technology officer George Kurtz. In a project dubbed Operation Aurora by the security giant, hackers are likely to have used sophisticated social engineering techniques and advanced reconnaissance work to target individuals at the compan......
[more] Manchester cops clobbered by Conficker Greater Manchester Police's computer network has been infected by the infamous Conficker worm, leaving beat cops unable to run computer checks on suspected criminals and vehicles for the last three days. The malware was likely introduced into the GMP network after an already infected memory stick was plugged into a Windows PC.
Conficker (aka Downadup) began spreading on Friday evening leading to a decision to disconnect GMP systems from the Police National......
[more] Scareware scams ride the back of killer whale tragedy Supposed footage of Wednesday's fatal Sea World killer whale attack in Florida actually points at sites distributing scareware. Dawn Brancheau, 40, a trainer at Sea World in Orlando, lost her life yesterday after a killer whale attack. Miscreants have wasted no time in exploiting the tragedy, as so many before it, by setting up malware traps designed to ensnare the unwary. Black hat search engine trickery is once again being used to drive tr......
[more] Microsoft shuts down global spam network Microsoft has won court approval to shut down a global network of computers which it says is responsible for more than 1.5bn spam messages every day. A US judge granted the firm's request to shut down 277 internet domains, which it said were used to "command and control" the so-called Waledac botnet.
A botnet is a network of infected computers under the control of hackers.
The firm said that closing the domains would mean that up to 90,000 PCs would stop......
[more] Microsoft to target other botnets with legal weapon Microsoft has several other botnets in its crosshairs, and believes it can use the same legal tactic against them that it deployed last week to strike at the Waledac botnet's command-and-control centers. But the company also admitted that it had not yet severed all communications between the controllers of Waledac and the thousands of compromised Windows computers used by hackers to pitch bogus security software and send a small amount of spam......
[more] McAfee warns of scareware plague Security firm McAfee has used its first Consumer Threat Alert to advise web users of the dangers of fake anti-virus scams. Malware writers are increasingly using the technique to snare unwary users by presenting pop-up windows appearing to be a security report from a recognised firm. The ads prompt the user to 'scan' their computer for viruses, but in fact often deliver malware designed to steal personal data and credit card information. "It is an incredibly......
[more] Warnings made of backdoor Trojan disguised as a download for a Skype Email Toolbar Websense has warned of malware that claims to be a download for a Skype Email Toolbar. It claimed that there is currently a 'very low' anti-virus detection for the spam email message, which contains a file attachment named SkypeToolbarForOutlook.zip that contains a backdoor Trojan. Carl Leonard, security research manager at Websense Security Labs, whose ThreatSeeker Network discovered the new wave of email attack......
[more] Scammers capitalizing on tax season to spread Zeus Cybercriminals have been capitalizing on tax season by sending messages that appear to come from the Internal Revenue Service but actually lead to the data-stealing trojan Zeus, researchers at anti-virus firm Trend Micro warned Thursday. The messages ask users to follow a link and review their tax statement to fix errors related to unreported or under-reported income, according to Trend Micro. The URL leads users to a variant of Zeus, which ste......
[more] Differences between viruses, trojans and worms explained In the anti-malware business we often quibble over details the general public does not care about. To us these differences are important, though, as classifying a piece of malware helps us define and understand its nature and helps those of us stuck with detecting or cleaning up an infection. Many people try to use their understanding of these terms to defend their poor choices in security practices. It might be a good time for a little r......
[more] The need for a truly unified security solution It's no secret that modern security threats are converging and a significant proportion of data loss occurs via coordinated Web and email attacks. So why is it that many organisations manage multiple different security technologies? Information held and shared electronically proves rich pickings for cybercriminals. Businesses are actively targeted for specific information, and the threat can hit using email, Internet and data stealing technology -......
[more] Zeus banking virus is back warns security firm Zeus, a virus that steals online banking details from infected computer users, is more powerful than ever, warns a web security company. Trusteer says it has spotted the Trojan virus in one of every 3,000 of the 5.5m computers it monitors in the US and UK. Zeus 1.6 can infect people using Firefox and Internet Explorer web browsers, the company claims. The malware steals login information by recording keystrokes when the infected user is on a list of......
[more] Thousands of websites infected with 'backdoor code': Websense While users are concerned about the threat posed by rogue anti-virus, claims have been made that thousands of websites are infected by a backdoor code. Carl Leonard, Websense security labs manager, told SC Magazine that its Threatseeker Network was seeing more blended threats and SEO poisoning threats that are changing not daily, but hourly. He said: "It is a sign of the times that everyone is interested in news and if an anti-v......
[more] IBM unleashes virus on AusCERT delegates Delegates to AusCERT, Australia's premier information security event held this week on the Gold Coast, have taken home a little of the stuff they spent the week agonising over - a virus. In an email this afternoon, IBM advised visitors to its AusCERT booth that its complimentary USB key was infected with a virus. An IBM spokesman and conference organisers confirmed the email was genuine. It is the second time in two years that clumsy exhibitors have infec......
[more] Rogue Facebook apps launch 'beach babes' attack Another attack using rogue Facebook applications hit users' PCs Saturday in a virtual repeat of last weekend's massive assault, security researchers said. Like the earlier attack, today's scam uses a sex-oriented video as bait, said Patrik Runald, an Australian researcher who works for Websense Security. The scam is spread through Facebook messages touting "Distracting Beach Babes" videos that include a link to the malicious applications......
[more] HSBC browser plugin attacked by Trojan A popular anti-keylogging tool used by online banks such as HSBC, Trusteer's Rapport, has come under direct attack by malware writers trying to bypass its protection settings. In a discovery reported by fellow security vendor Webroot Software, a Trojan the company names 'Phisher-Rancor' runs a batch file that tries to close down the Rapport app, while a second variant targets a separate binary, config.js. Luckily, the malware fails to overcome Rapport'......
[more] Cybercriminals are using the 2010 World Cup to snare their victims WatchGuard security analysts have seen an explosive growth of online threats relating to the 2010 World Cup, which kicks off tomorrow and runs to July 11. IT administrators should be aware of these World Cup threats and take appropriate action to mitigate their effects. Key threat findings: Spam - WatchGuard sees a global increase in spam using World Cup as the theme. In addition to traditional marketing spam, there is an increas......
[more] Cloud-based scanning service introduced by Watchguard Watchguard has announced the launch of a cloud-based web security service to couple with its XTM and XCS security appliances. Reputation Enabled Defense (RED) protects against web-based threats to protect users against next-generation threats and delivers highly secure web browsing via a cloud-based reputation lookup that scores URLs as good, bad or unknown. The company said that the lookup leverages a dynamic global database that aggregates......
[more] Kraken botnet re-emerges 318,000 nodes strong Kraken, a large and difficult-to-detect botnet that peaked in 2008 and was dismantled by early 2009, is back, and anti-virus solutions are struggling to detect it, according to researchers at Georgia Tech Information Security Centre. The botnet reappeared in April and, as of last week, was made up of more than 318,000 unique IP addresses, or about half its 650,000 maximum size in 2008, Paul Royal, research scientist at the Georgia Tech centre told S......
[more] Google confirms attack on YouTube Malicious hackers attacked Google's YouTube on Sunday, exploiting a cross-site scripting (XSS) vulnerability on the ultra-popular video sharing site, hitting primarily sections where users post comments. "Comments were temporarily hidden by default within an hour [of discovering the problem], and we released a complete fix for the issue in about two hours. We're continuing to study the vulnerability to help prevent similar issues in the future," a Goo......
[more] Social-engineering contest reveals secret BP info A hacker competition that challenges contestants to trick employees of large companies into divulging potentially sensitive information aims to show how human gullibility is the biggest security vulnerability of all. During its first day at the Defcon hacker contest in Las Vegas, it had clearly achieved its goal. With just two phone calls, entrant Josh Michaels managed to dupe a computer support employee at BP into spilling details that could ha......
[more] Detecting source rather than code is key, says Trend Micro From their Silicon Valley office, David Perry, global education director of Trend Micro, told Infosecurity that it's no longer sufficient to detect code, but instead, it's more productive to detect the source of the code. "Organised crime is now commercially produced. The bad guys are trying to break our methods of protection, and one virus has turned into a criminal enterprise of many components. We can no longer focus on detectin......
[more] Sophos warns of fake anti-virus spam campaign Security vendor Sophos is warning of a major spam campaign designed to trick users into downloading fake anti-virus software. In a blog post, Sophos senior technology consultant Graham Cluley explained that the unsolicited emails arrive with subject lines such as "You're invited to view my photos!", "Appointment Confirmation", or "Your Bell e-bill is ready". "Opening the attached HTML file, however, redirects your w......
[more] Windows malware dwarfs other viral threats The vast majority of malware - more than 99 per cent - targets Windows PCs, according to a new survey by German anti-virus firm G-Data. G-Data reckons 99.4 per cent of all new malware of the first half of 2010 targeted Microsoft's operating system. Just 0.6 per cent of the 1,017,208 new malware programs discovered in 1H2010 targeted other systems, such as Apple Mac boxes and servers running Unix. The figures help to place much-publicised but rare malwar......
[more] Sick PCs should be banned from the net says Microsoft Virus-infected computers that pose a risk to other PCs should be blocked from the net, a senior researcher at software giant Microsoft suggests. The proposal is based on lessons from public health, said Scott Charney of the firm's trustworthy computing team. It is designed to tackle botnets - networks of infected computers under the control of cybercriminals. Putting machines in temporary quarantine would stop the spread of a virus and allow......
[more] McAfee introduces antivirus software for virtual environments McAfee has developed an antivirus product for virtualised environments. The company has partnered with Citrix to provide a means of protecting virtual machines in the same way that it can handle physical ones. The system, known as McAfee Management for Optimised Virtualised Environments AntiVirus (Move AV) has been specifically designed for Citrix XenDesktop to help customers protect corporate networks from malware. Launched at the Citr......
[more] Identity fraud costing the UK £2.7bn a year Identity fraud affects over 1.8 million people a year at a cost of £2.7bn, according to new figures from the National Fraud Authority (NFA). The average loss per person is around £1,000, and a total of £1.9bn finds its way into the hands of the fraudsters. Today marks the start of National Identity Fraud Prevention Week, which seeks to raise awareness of the problem. Hackers or identity thieves use the stolen accounts to buy a r......
[more] Undead Bredolab zombie network lashes out from the grave The decapitation of command and control servers associated with the infamous Bredolab botnet, and the arrest of a suspect in Armenia, is a fantastic step forward for internet hygiene. But these steps have nevertheless failed to stop all malicious activity associated with the zombie network. An operation led by the Dutch police led to the takedown of 143 command and control servers associated with the information-stealing botnet, estimated......
[more] How Data Loss Prevention solutions can be used to prevent data breaches In these compliance-driven times, there is more to a data breach than just the risk of loss of reputation or the public's trust to consider. Earlier this year, the Information Commissioner's Office (ICO) was given the power to fine organisations up to £500K for serious data breaches - some ten times the maximum penalty level that had previously been in place. Some are now calling for even higher penalties and even mand......
[more] Sophos delights Mac users with free antivirus Security software company Sophos has finally broken ranks and decided to offer Mac users a free antivirus product without hidden strings. Branded, free-to-use antivirus products for Mac OS X are almost unheard of and the examples that do exist are designed to tempt users into upgrading to get more features and support or lack some features. Sophos Anti-Virus Home Edition for Mac looks like becoming the first ever full-featured Mac security software......
[more] Businesses under all-out cyber attack, says Websense Cyber criminals are mounting an all-out attack on businesses, which is likely to continue, according to the Websense 2010 Threat Report. The report shows that in the past year, 52% of data-stealing attacks were conducted over the Web, 9% of data stealing attacks happened over e-mail, and 90% of all unwanted e-mails contained links to spam sites or malicious websites, up 4% on 2009. Most of today's blended attacks are considered "zero-day,......
[more] Warning over anti-virus cold calls to UK internet users Internet users are being warned about cold callers who offer to fix viruses but then install software to steal personal information. Campaign group Get Safe Online said a quarter of people it had questioned had received such calls, many suspected to have been from organised crime gangs. Some gangs, employing up to 400 people, are known to set up their own call centres to target people en masse. Internet users are also urged to be wary of po......
[more] McAfee CEO: Get ready for tidal wave of mobile attacks Next year will mark the turning point of the mobile application threat, McAfee president and CEO Dave DeWalt predicted during a keynote at SC Congress Canada in Toronto. In the past, protecting email was the major security concern associated with smartphones, DeWalt said. But now, the thousands of available third-party apps pose a major risk of malware introduction or private information disclosure. This challenge is only going to increase i......
[more] Facebook's Christmas Tree virus only a hoax Security vendor Sophos says Facebook users can relax and stop warning each other about a supposed computer crashing Christmas tree-themed app disguised as a virus since the whole thing is just a hoax. Thousands of Facebook users have raced in recent days to rescue friends by posting warnings of "one of the WORST Trojan viruses" out there, but Sophos says it has seen no evidence that such a malware-bearing app exists (not that one couldn't be......
[more] How to avoid an ICO fine The Information Commissioner's Office (ICO) finally came good today on its repeated promise to levy fines of up to £500,000 on firms contravening the Data Protection Act. V3.co.uk has spoken to various data protection experts to come up with the definitive guide for companies not wanting to become the next headline maker for the wrong reasons. First, a few points to consider. Although the financial penalty could be a significant burden on an organisation, especiall......
[more] Zero-day Windows flaw goes public A zero-day privilege escalation flaw has hit Windows that could allow hackers to bypass user account control security found in Vista and Windows 7. The flaw was posted briefly on a programming education site and could allow even limited user accounts to execute code in kernel mode, although researchers have found the vulnerability exploited on its own would not allow remote code execution. "This is a serious flaw because it resides in win32k.sys, the kernel......
[more] Legal sector moves indicate cloud acceptance Law firms are putting their e-mail systems in the cloud to cut costs and ensure they adhere to tough data protection regulations. Information sent and received by law firms is not only business critical, but often highly sensitive. As a result security, storage and reliability are necessities for any e-mail system. This has led to IT departments buying separate systems to provide security, archiving and back-up. Cloud service provider Mimecast, which......
[more] Twitter hit by festive malware campaigns Experts at Panda Security have warned of festive malware threats spread via Twitter that capitalise on popular trending topics. The vendor's PandaLabs unit said that thousands of tweets have been sent using festive phrases such as 'Nobody cares about Hanukkah' or 'Shocking video of the Grinch', along with short URLs pointing to malicious web sites. Clicking on the link will take the user to a page that infects systems with fake codecs by exploiting the CV......
[more] Trend Micro issues virtualisation security warning Attacks targeted at datacentres and virtualised environments could represent the next vanguard of threats if cyber criminals begin to shift their attention away from the increasingly well secured desktop, according to security experts. Trend Micro chief technology officer Raimund Genes told V3.co.uk that, despite the many benefits of cloud computing, the back-end virtual infrastructures of many clouds are potentially at risk. "If the deskto......
[more] Ponemon Study: Workers Ill-Equipped For Cyber Threats An overwhelming majority of organizations don't feel adequately prepared to defend themselves against increasingly sophisticated malware attacks and many are less prepared than they were a year ago, according to the latest Ponemon Institute study, released Monday. The State of Endpoint Risk study, co-sponsored by the Ponemon Institute and security firm Lumension, assessed how effective organizations are in adopting effective endpoint security......
[more] Human error poor excuse for Telstra email leak Telco must work harder to soothe customers and ensure it doesn't leak their details again. Despite being the victim of "human error" Telstra will have its work cut out as it rebuilds customer trust following the leaking of their details this week, an anti-virus company said. M86 vice president Jeremy Hulse said the telco, which accidentally leaked a spreadsheet of customer details, would need safeguards to avoid further such embarrassment.......
[more] 2010 tech snapshot: IT security This year has seen an almost unparalleled buzz of activity in the security space, from big name mergers and acquisitions activity to allegations of state-sponsored attacks and most recently, the rise of the hacktivist. Alongside this are the continued threat of spam, the growing sophistication of malware and changing trends among the workforce such as mobile working and the use of social networking, which are exposing the enterprise to new and dangerous threats. S......
[more] Blue Coat ProxyOne appliance simplifies web security Network security firm Blue Coat Systems has launched a new appliance designed to bring enterprise-grade web security to small firms with few IT resources. The ProxyOne hybrid appliance combines anti-malware scanning, web filtering and user activity reporting in a single box which is easy to install and run, according to the vendor's European marketing vice president, Nigel Hawthorn. "Large organisations have always been able to implement......
[more] US sends out most spam at end of 2010 A Sophos report has found that the US sent out the greatest amount of spam between October and December 2010, with India, Brazil, the UK, and Russia making up the rest of the top five. Europe remained the continent responsible for sending out more spam than any other, with a 32.11 per cent share. Asia was just behind on 31.89 per cent. Whilst there was not much of a shake-up in terms of countries, spammers' tactics have altered a little. "Spam is certain......
[more] Should employees buy their own computers? You are at work. Your computer is 5 years old, runs Windows XP. Your company phone has a tiny screen and doesn't know what the internet is. Idling at home are a snazzy super-fast laptop, and your own smartphone is barred from accessing work email. There's a reason for that: IT provisioning is an expensive business. Companies can struggle to keep up with the constant rate of technological change. The devices employees have at home and in their pockets are......
[more] Kama Sutra PowerPoint named as one of the threats of the last three months, as new warnings made on malware that bypasses cloud-based anti-virus The Kama Sutra virus has been named as one of the largest threats of recent months. In Cyberoam's 2010 internet threats trend report for Q4, the Trojan downloader associated with a Kama Sutra presentation titillated recipients into downloading a PowerPoint presentation of sexual positions, but left their PCs infected with a malicious code that opened a bac......
[more] Fake anti-virus scam hits Twitter Researchers have uncovered a new scam targeting Twitter users. The operation is said to make use of the Goo.gl link-shortening service in order to hide the actual address of the attack site. Attackers are believed to be using compromised Twitter accounts to post Tweets advertising various pages linked through the goo.gl service. When users click on the links, they are directed through the link-shortening service to a third party page which launches the actual at......
[more] MyDoom the most destructive malware of the decade The 2004 MyDoom malware infection was the most costly piece of malicious software deployed in the past decade. Security vendor McAfee ranked the infection as the most destructive malware of the 2000s in terms of monetary damages. The company estimates that costs from lost productivity and commerce from the infection's massive spam campaigns mounted as high as $38bn ultimately. At its peak, MyDoom-related spam slowed global internet traffic by 10......
[more] Simply encrypting data isn't enough, key management is vital Information security and compliance often swim together in the collective minds of CIOs, and so in the mainstream the adoption of information security technologies tends to be related to how well they solve compliance issues. From many perspectives this is not unreasonable: corporate IT departments can't be experts in all areas and they need guidance. However, this can lead to the undesirable situation where compliance projects drive s......
[more] Facebook and web apps threaten network security The world is very different from the days when email ruled the roost and Yahoo, not Google, was the first search engine name that rolled off your tongue. In 1995, the worst security threat was a virus on a floppy disk. But in 2011 the security landscape has completely changed; cyber crime is a huge industry and computers have the ability to bring down the networks of whole countries. The internet is not just web browsing and email any more, it's Fa......
[more] Oddjob Trojan keeps banking sessions open after victims log out Miscreants have created a banking trojan that keeps victims' accounts open to plundering even after their marks log out of their accounts. The memorably named OddJob Trojan hijacks customers' online banking sessions in real time using their session ID tokens. By keeping accounts open even after victims think they have quit, the malware creates a window for fraudsters to loot compromised accounts and commit fraud. Trusteer, the trans......
[more] Malvertising - latest threat lures users to malicious sites Unsuspecting internet surfers are being fooled into clicking on seemingly above-board ads from recognisable brands only to end up on malicious websites that install malware on the users' computers. Websense Security labs have discovered that the popular auto trading site Autotrader.co.uk and cinema site Myvue.com have both served ads that redirected the user to malicious websites. In both cases the malicious ads were tailored to respond......
[more] South Korea sites fall under heavy DDoS attack A surprise distributed denial-of-service (DDoS) attack briefly took down 29 web sites belonging to South Korean government and businesses. The attack targeted government ministries, the National Assembly, local and resident US military systems and banking services, resulting in the brief shut down of an online stock exchange. All sites are now back online but experts are reporting another attack will occur at the same time tomorrow. "There was......
[more] Japan earthquake unleashes web scams, malware Cybercriminals profit out of tragedy The 8.9-magnitude earthquake and deadly tsunami in Japan also has triggered a tidal wave of cybercrime, say experts. Almost immediately after the news broke, internet fraudsters got to work by customising their malicious websites so they would rank near the top of search results, a process known as black hat search engine optimisation. They had information about the quake but actually had been booby-trapped with ma......
[more] Major spam network silenced mid-campaign The sudden drop in activity of a major spam producer looks to be the result of the largest co-ordinated attack on spammers. At 15:30 GMT on 16 March, a network of spam-producing computers, known as Rustock, suddenly stopped. It also appears that the infrastructure needed to control the spam network has been disrupted. Security researchers said that would make it the largest ever take down of a cyber crime network. In 2010, the Rustock botnet - a coll......
[more] Spotify apologises for tainted ad kerfuffle Spotify has promised to review its security following an attack that exposed users of the free version of its music streaming service to malware on Thursday. Tainted ads displayed to music fans served up content from sites that used the Blackhole Exploit Kit in an attempt to infect users with the Windows Recovery fake anti-virus (scareware) application. Windows users did not even need to click on an ad to risk getting hit, as an advisory by web securit......
[more] Government-backed website in malware scare A government-backed website, designed to champion the UK's start-up businesses, has inadvertently linked users to malware, it has emerged. StartUp Britain, which launched on Monday, linked to a page hosting fake anti-virus programs, according to security firm Sophos. It will be an embarrassment for the government, which has been widely promoting the initiative. The link was removed shortly after launch, according to StartUp Britain. It told the BBC in a st......
[more] Websense warns LizaMoon SQL injection attack has hit 380,000 domains Security firm Websense is warning that the mass LizaMoon SQL injection attack discovered earlier this week is much bigger than previously thought, and that over 380,000 URLs have been affected. The firm first warned of the attack on Tuesday, claiming that hackers had injected a single line of code into thousands of web sites, linking the viewer to a well-known fake anti-virus site at defender-uqko.in. Among the pages infec......
[more] Tracking the internal threats Whistle-blowing website Wikileaks does not just spell trouble for the US government, Bank Julius Baer and the other companies, organisations and individuals that feature on the site. Its mere existence and the appearance of many copycat sites is starting to occupy the minds of those who oversee security in every large company. Why? "Simple," said Philippe Courtot, founder and chief executive of security firm Qualys, "because every company has somethi......
[more] Epsilon breach used four-month-old attack A data breach exposing the customer details of the likes of Citigroup, Hilton Hotels and Dell Australia was part of a series of socially-engineered attacks first reported by an Epsilon technology partner some four months ago, iTnews can reveal. The world's largest email service provider, Epsilon, disclosed on April 1, 2011 that the data it manages on behalf of a subset of its 2500 global clients had been accessed by hackers the day prior. Today iTnews ca......
[more] Adobe confirms critical Flash zero-day bug For the second time in the last four weeks, Adobe has told users that hackers are exploiting an unpatched bug in Flash Player, again by embedding malicious code inside a Microsoft Office document. In a security advisory issued Monday, Adobe said that attackers are exploiting the vulnerability by embedding Flash attack files within a Microsoft Word document sent as an email attachment. Adobe did not spell out a patch timeline for the newest Flash zero-da......
[more] Blue Coat is the leader in Content Security Gateway Appliance Markets According to the latest report from Infonetics Research, Blue Coat Systems, Inc. (Nasdaq: BCSI) was the worldwide market leader in Content Security Gateway Appliances in 2010, and the leader in Europe, the Middle East and Africa (EMEA) with 35.7 percent market share, nearly double that of its nearest competitor. Blue Coat has led the worldwide and EMEA markets every year since 2006, when Infonetics first began reporting market......
[more] Looking beyond anti-virus to limit costs, attacks As more than two million new malware signatures are identified each month, and more organizations are falling prey to zero-day attacks, traditional anti-virus (AV) simply can't keep up in the malware arms race. If your organization is anything like the companies we've been speaking with, then you know firsthand the headache and ongoing challenge that the rising cost of malware has created. In fact, 48 percent of organizations recently reported......
[more] Fake security software catches out Apple owners A fake security program for Apple computers called MACDefender has racked up a significant number of victims. Hundreds of people who installed the software have turned to Apple's forums for help to remove it. The program's tactic of peppering screens with pornographic pictures has made many keen to get rid of it. MACDefender seems to have been successful because of the work its creators did to make it appear high up in search results. The number of......
Just four per cent of smartphones and tablets are protected against malware
The mobile security software market will be worth $1bn by 2013 as the need for protection on smartphones and tablets against a growing number of threats becomes essential, according to Juniper Research. The market will grow to $3.6bn by 2016 when over 277 million devices will be protected, up from just four per cent, or around 27 million, according to the firm's Securing and Protecting a Mobile Future white paper. Report......
Researchers discover 4.5 million-strong super-botnet
Millions of PCs around the world appear to have been quietly infected by the dangerous TDSS 'super-malware' rootkit as part of a campaign to build a giant new botnet, researchers from security firm Kaspersky Lab have discovered. Malware and botnets come and go, but TDSS is different. First detected more than three years ago, TDSS (also known as 'TDL' and sometimes by its infamous rootkit component, Alureon), it has grown into a mul......
Security researchers discover 'indestructible' botnet
More than four million PCs have been enrolled in a botnet security experts say is almost "indestructible". The botnet, known as TDL, targets Windows PCs and is difficult to detect and shut down. Code that hijacks a PC hides in places security software rarely looks and the botnet is controlled using custom-made encryption. Security researchers said recent botnet shutdowns had made TDL's controllers harden it against investigation. The......
'Shnakule' malware network combines fake ads and bogus AV alerts
Security experts have warned of a major malware network known as 'Shnakule' that uses a combination of fake advertising banners and bogus security alerts to infect computers. Researchers at Blue Coat said that the malware spreads through code embedded in advertising banners that redirect to a third-party site which attempts to launch a fake anti-virus attack. The pages generate a pop-up window designed to resemble a Microsoft secur......
