For even the most security-minded individuals and organizations, malware continues to be a serious problem. It is all well and good knowing that your system has become infected and ensuring that you have the tools to perform a clean-up operation, but the key to avoiding future problems is determining the source of infections.
This is what Sourcefire aims to achieve with its new Network File Trajectory and Device Trajectory techniques. The company points out that in modern work environments the BYOD (Bring Your Own Device) model is becoming increasingly common. It is one thing to protect your own machines, but quite another to secure any device that may connect to a network.
IObit has announced the public availability of IObit Malware Fighter 2.0, the next generation of its popular anti-malware tool.
The most obvious change this time is the move to a Windows 8-style interface: large tiles, stark black background, and everything happening in a single window, rather than separate dialogs. It looks good, and is easy to use.
Today security firm F-Secure announces the discovery of a new Mac-based spyware program, the latest in what has become a small, but growing trend. Attacks have previously affected Apple itself, as well as users in the wild. The latest problem was discovered at a recent conference in Oslo, Norway.
The Oslo Freedom Forum, an event that is designed around the world's most influential dissidents, innovators, journalists, philanthropists, and policymakers, just wrapped up on May 15. During a workshop on freedom of speech, Jacob Appelbaum, an independent computer security researcher, discovered a new and previously unknown backdoor on an African activist's Mac.
Along with a number of major employers, e-skills UK -- an organization dedicated to inspiring future talent in IT -- is developing a new apprenticeship scheme to build cyber security skills.
The scheme highlights the need to attract a new generation of talent into an industry where at the moment only 7 percent of security professionals are aged under 29. It will give youngsters an opportunity to start a career and earn a wage whilst working towards an internationally recognized qualification.
F-Secure has released its latest mobile threat report for January to March 2013. Highlights include an increase in threat families and variants of almost 50 percent over the previous quarter, and that Android is still the most targeted mobile OS.
Android threats accounted for 136 of the 149 detected during the period, the other 13 being aimed at Symbian. No threats were reported for iOS, Blackberry or Windows Mobile. The report notes a particularly worrying trend towards the commoditization of malware, which profits either by making premium-rate calls or by stealing bank details. Of the 149 threats found, 114 were profit-motivated. The authors state:
Web browsers are one of the main ways that malware finds its way onto your machine. Tests carried out by NSS Labs looked at the five major players, Chrome, Firefox, Safari, Opera and Internet Explorer to see which offers the best protection against more than 700 examples of real-world malware.
And the safest is... (Drum roll and a long, reality TV-style pause...) Internet Explorer 10, blocking 99.96 percent of known malicious downloads. Chrome comes second on 83.16 percent with the other three trailing a long way behind at around 10 percent each. This might come as a surprise to all those people who have long shunned Microsoft’s browser in favor of third-party alternatives on the grounds that they were safer.
Security products that work across all of your digital devices from PCs to smartphones are nothing new -- Norton One has been around for over a year -- but now McAfee has joined the fray. LiveSafe includes virus protection, a password manager and encrypted cloud storage in a single package.
The most interesting feature is the secure online Personal Locker that gives users 1GB of storage to hold their sensitive documents, financial records, IDs and so on. This is secured using biometric authentication with voice, face and device recognition. It works using Intel Identity Protection Technology. This is a hardware authentication mechanism that’s built into the latest Intel processors. To access a file you need to enter a PIN, take a photo for facial recognition and read two messages to confirm your voice.
Tomorrow is what is commonly known as Patch Tuesday in the lands of Microsoft and Adobe. It's the time of the month when the two software giants attempt to fix the bugs and security holes in their software by issuing a series of updates that are intended to benefit users. The practice of waiting to issue these updates is debatable, especially when exploits are available in the wild.
These updates, at least in the case of Microsoft, can also cause as much harm as good. Given that possibility, security company GFI issued an advisory in advance of the upcoming patches. "In light of the reboot loop problems resulting from the Microsoft patches issued in April, businesses need to have the ability to test patches, or have a trusted third-party test them, before deploying on corporate networks and PCs, in order to minimize potential downtime caused by a faulty patch," says Cristian Florian, product manager at GFI Software.
Yesterday I wrote about Adobe's latest security nightmare, this time involving web development environment ColdFusion. I also stressed that while aware of the problem, the company didn't plan a fix until May 14, during its next monthly patch release. For the Washington state court, this is not soon enough.
A ColdFusion vulnerability exposed 160,000 Social Security numbers and the driver’s license numbers and names of a million people. Before hitting the panic button, realize that if you have had no legal issues then you are likely safe.
Patch Tuesday approaches quickly. That time of the month when Microsoft deems it appropriate to fix the myriad security flaws that rear their ugly heads during the preceding time frame. As is custom, the company gives advance notice of what to expect, but no details regarding actual flaws -- a nod to not allowing (more) hackers to take advantage of the issues discovered.
May 14th is the next scheduled update of your Windows computer, and it will carry along 10 bulletins with it. A couple of these patch much-publicized holes in Internet Explorer, for one of which the company just released a "Fix it" tool designed as a temporary mend.
I feel as if I can write an "Adobe security flaw of the week" column. The company seems to be a target for every hacker on earth, with Flash and Reader leading the way. Last week Reader was under attack. Now this week brings a new security flaw, and also a new (or old) target in the form of ColdFusion, the Adobe web application development tool.
The developer has issued a security advisory letting customers know that some are vulnerable to this latest flaw. ColdFusion users who have restricted public access to the CFIDE/administrator, CFIDE/adminapi and CFIDE/gettingstarted directories are safe. However, those who have not taken these steps are vulnerable.
Independent testing organization AV-Comparatives has released its latest performance tests evaluating the impact of security software on system performance. It carried out the tests on a 64-bit Windows 7 system and measured a number of everyday activities including copying files, installing and uninstalling applications and launching programs as well as running the PCMark 7 benchmarking suite.
The results of these tests have been used to produce a system impact score measuring how much difference the various antivirus programs make compared to having no security installed at all. This makes for some interesting reading.
Last week, Microsoft's Internet Explorer made news, but not in the way the company would like. The "browser you loved to hate" has become the target of a zero-day security flaw, which is already being actively exploited. Version 8 of the browser, which runs on all iterations of Windows going back to XP, is the target. Windows 8 customers are safe, as the latest operating system ships with IE 10.
The flaw allows an unauthenticated remote attacker to execute arbitrary code on a targeted system with the privileges of the targeted user. If the user holds elevated privileges, the attacker could completely compromise the targeted computer.
USB keys are compact, highly portable and a very convenient way to store and transfer information.
Unfortunately, they also make it extremely easy for others to copy files from a PC without your knowledge. And they can act as carriers for some very nasty viruses. So if you’d like to restrict their use on your system, you might be interested in the new Ratool.
VirusTotal.com is a great resource, a powerful tool which can quickly check just about any file for malware with around 50 of the world’s leading antivirus engines. But if you need to submit more than one or two files then its limited browser-based interface will quickly become a problem, and so you may want to try the new PhrozenSoft VirusTotal Uploader, instead.
Once installed, the program makes it much easier to check the files you need. At its simplest, you can just select one or more files in Explorer, drag and drop them onto VirusTotal Uploader, and they’ll be uploaded for you. A straightforward interface keeps you informed on the upload process, and results are displayed as they arrive.