malware
Testing So-Called ‘Unified Threat Managers’
snydeq writes “The InfoWorld Test Center has released vulnerability testing results for four so-called ‘unified threat managers’ — single units that combine firewall, VPN, intrusion detection and prevention, anti-malware, anti-spam, and Web content filtering in lieu of a relay rack stuffed top to bottom with appliances. The lab threw nearly 600 exploits of known vulnerabilities in a wide range of popular OSes, applications, and protocols, and despite being designed to thwart such threats, the UTMs as a class allowed hundreds to pass through. Why did the UTMs miss so many exploits? A lack of horsepower to perform the necessary deep packet inspection under load is suspected, as the lab pushed the limits of each unit’s throughput with legitimate traffic. ‘The upshot is, although the vendors have packed these devices with additional gateway security functions, clearly many UTMs are still strictly firewalls at heart.’”
Can you trust that new PC to be malware-free?
When you unbox a brand new computer, you presume that it’s lean, clean and pristine, right? The last thing you expect to find on a new system is malware. However, that’s one of the first things researchers at Kaspersky Labs found after purchasing and firing up a Companion Touch netbook.
Malware Found On Brand-New Windows Netbook
An anonymous reader alerts us to an interesting development that Kaspersky Labs stumbled across. They purchased a new M&A Companion Touch netbook in order to test a new anti-virus product targeted at the netbook segment, and discovered three pieces of malware on the factory-sealed netbook. A little sleuthing turned up the likely infection scenario — at the factory, someone was updating Intel drivers using a USB flash drive that was infected with a variant of the AutoRun worm. “Installed along with the worm was a rootkit and a password stealer that harvests log-in credentials for online games such as World of Warcraft. … To ensure that a new PC is malware-free, [Kaspersky] recommended that before users connect the machine to the Internet, they install security software, update it by retrieving the latest definition file on another computer, and transferring that update to the new system, then running a full antivirus scan.”
Sophos Offers Free Klingon Malware
Sophos has released a Klingon-language version of a free malware scanning tool it uses to show Earth-bound customers how its technology stacks up against rivals’ software.
Drive-By Download Poisons Google Search Results
snydeq writes “A new attack that peppers Google search results with malicious links is spreading quickly, CERT has warned. The attack, which can be found on several thousand legitimate Web sites, exploits flaws in Adobe software to install malware that steals FTP login credentials and hijacks the victim’s browser, replacing Google search results with links chosen by the attackers. Known as Gumblar because at one point it used the Gumblar.cn domain, the attack is spreading quickly in part because its creators have been good at obfuscating their attack code and because they are using FTP login credentials to change folder permissions, leaving multiple ways they can get back into the server.”
Researchers hijack botnet, score 56,000 passwords in an hour
The Torpig botnet was hijacked by the good guys for ten days earlier this year before its controllers issued an update and took the botnet back. During that time, however, researchers were able to gain a glimpse into the kind of information the botnet gathers as well as the behavior of Internet users who are prone to malware infections.
Panda Floats New Cloud-Based Security Tool
Panda Security on Wednesday released a cloud-based antivirus solution in beta. Panda Cloud Antivirus is based on a new protection model that utilizes a thin-client agent and server architecture to process and block malware. The product provides full protection from viruses, spyware and rootkits for free, according to the company, and does so with 50 percent less impact on PC performance. The technology moves the entire malware scanning and determination process to the cloud and applies nonintrusive interception techniques to the client architecture.
Worm Solves Gmail’s CAPTCHA, Creates Fake Accounts
Malware creates new accounts until Google blocks the infected computer, then the worm uninstalls itself.
Paradise Lost: Malware Targets Macs
With researchers reporting the first Macintosh-specific malware to be found “in the wild” on the Internet, Mac users want to know what to do.