Saturday, April 28

Scan out Virus, Worms, Adware, Spyware infections

Computer Virus Infection - Checking if you are Infected or Not?

Ever wondered why your PC is getting so slow? Or how did those annoying popups get in your internet browser? Well… You probably have some kind of malware in your computer.

Do you want to know if your computer is infected? The extent of the infection and what type of infection it is (Adware, Trojans, Hacking Tools, Worms, Spyware)?

Luckily, there is a new website, www.infectedornot.com, which allows you to scan your computer for viruses.

They offer two free security tools: one they call Panda Nano Scan and another one called Panda Total Scan. The Nano Scan tool is designed to quickly diagnose your PC in about a minute. The Total Scan takes between 5 and 10 minutes. The main difference between these two tools is that the Total Scan (the one that takes a little bit more time) also checks for latent malware and not only active malware. This is useful information, since most of the computers are infected with latent malware.

The website also displays statistical information about the level of infection in all the tested computers. And, of course, more than half the users had some kind of infection. It is really much more common than you think.

Visit InfectedOrNot.com and check your computer with either the Nano Scan or the Total Scan tool. Chances are you are already infected. It can't hurt to know.

Monday, April 9

Kaspersky Anti-Virus Mobile protection releases

Kaspersky Anti-Virus Mobile protection - Smart protection for Smartphones

Kaspersky Lab has announced the release of Kaspersky Anti-Virus Mobile, a product that protects mobile phones using Symbian and Windows Mobile operating systems (smartphones) against mobile malware. Kaspersky Anti-Virus Mobile is a fully functional, integrated security solution that protects smartphones from malicious programs and unsolicited SMS/MMS messages. This latest version includes a range of new technologies and features that improve the program's performance and make it more user-friendly.

Kaspersky Anti-Virus Mobile uses a combination of real-time antivirus protection and on-demand scanning to protect against threats, and also provides protection from unwanted SMS/MMS messages by blacklisting undesirable phone numbers. Real-time antivirus protection monitors wireless connections and scans EMS/MMS messages, as well as any data received from a PC during synchronization. Its flexible settings allow the user to view the phone's antivirus status as well as the event log, which records all actions performed by the program.

Kaspersky Anti-Virus Mobile includes an antivirus database update feature which ensures that the smartphone is protected against the latest malicious programs. Updates can either be installed automatically by a built-in scheduler, or on demand. Database updates are downloaded via WAP or HTTP from Kaspersky Lab servers. Kaspersky Anti-Virus Mobile takes advantage of advanced features available in today's smartphones: the device's built-in web browser can be used to download updates and view information about any malicious programs detected.

Compared to previous versions of mobile phone protection systems, the new-generation solution offers significantly enhanced functionality based on a much more extensive set of tools that process scanned objects and protect from IT threats. Kaspersky Anti-Virus Mobile includes a number of previously unavailable features, such as scanning of individual objects (files or folders) and isolation of infected objects in quarantine storage to prevent deletion of important information. The antivirus protection has become even more reliable due to the feature of unpacking and scanning the contents of .sis files, which are often used by cybercriminals for distributing malicious code. Optimization of the product's antivirus engine also results in higher performance levels.

Smartphone users will appreciate the pioneering antispam component of Kaspersky® Anti-Virus Mobile. The antispam module protects the user from mass mailing/advertising distributed via SMS/MMS. For maximum convenience, the antispam module has three predefined operating modes with different filtering levels: 'Enable', 'B/W Lists Only' and 'Disable'.

In the 'Enable' mode the antispam module filters incoming messages based on the blacklist and the whitelist, which are compiled by the user. When a message is received from a telephone number that is on neither list, the antispam module prompts the user to block or allow the message, and then to add the sender number to one of the lists. In this mode the antispam module operates as a personal SMS/MMS filter that ensures that the user receives only the messages that are needed. In the 'B/W Lists Only' mode the system filters incoming messages based only on the data from the blacklist and the whitelist. Messages from numbers that are on neither list are received without prompting the user. Finally, in the 'Disable' mode incoming messages are not filtered.
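The three modes described above can be written as a small decision routine. This is an added example, not Kaspersky's code: the class and function names, the prompt callback, the constructed phone numbers, and the rule that the blacklist wins when a number is on both lists are all assumptions.

```python
from enum import Enum

class Mode(Enum):
    ENABLE = "Enable"
    BW_LISTS_ONLY = "B/W Lists Only"
    DISABLE = "Disable"

class SmsFilter:
    def __init__(self, mode, blacklist=(), whitelist=(), prompt=None):
        if mode is Mode.ENABLE and prompt is None:
            raise ValueError("'Enable' mode needs a prompt callback")
        self.mode = mode
        self.blacklist, self.whitelist = set(blacklist), set(whitelist)
        self.prompt = prompt  # prompt(sender) -> True to allow, False to block

    def decide(self, sender):
        """Return (delivered, reason) for one incoming message."""
        if self.mode is Mode.DISABLE:
            return True, "filtering off"
        # Assumption: the blacklist wins if a number is on both lists.
        if sender in self.blacklist:
            return False, "blacklisted"
        if sender in self.whitelist:
            return True, "whitelisted"
        if self.mode is Mode.BW_LISTS_ONLY:
            return True, "unknown sender, no prompt"  # default-allow
        allow = bool(self.prompt(sender))  # 'Enable': ask, then remember
        (self.whitelist if allow else self.blacklist).add(sender)
        return allow, ("user allowed" if allow else "user blocked")

def run(mode, senders, answers=None):
    """Filter constructed sender numbers; answers maps number -> user's choice."""
    asked = []
    def prompt(sender):
        asked.append(sender)
        return answers[sender]
    flt = SmsFilter(mode, blacklist={"+15550001"}, whitelist={"+15550002"},
                    prompt=prompt if answers is not None else None)
    return [flt.decide(s)[0] for s in senders], asked
```

Note the difference for unknown senders: 'B/W Lists Only' delivers them by default, while 'Enable' asks once and then treats the number as listed.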

The product can be installed on smartphones that are based on Symbian operating system versions 6.x, 7.x, 8.x – Series 60, 80 or UIQ, or Windows Mobile 2003 (for Smartphones, Phone Edition) and 5.0.

iPods aren't secure now

First 'Real' iPod Virus Surfaces

It just goes to show nothing is safe. Late last year, some TomTom GPS devices were infected with a pair of low-grade Windows viruses. The iPod was also infected with a similar low-risk virus late last year.

But neither of those two were a threat to the device or users. Both viruses got onto the machines during the manufacturing process and would not run on the device's native operating system. However, a newly discovered virus for the iPod does indeed run on the iPod.

The Podloso virus is a proof of concept that does not pose a real threat, but it shows the potential is there. Podloso does execute on the iPod, unlike the previous iPod infection. But the good news is that it doesn't do anything. It has no malicious payload, nor does it damage files. Antivirus vendor Kaspersky Lab considers it a "typical proof of concept virus. Such viruses are created in order to demonstrate that it is possible to infect a specific platform."

The other bit of good news is that it only works on iPods running Linux, not the normal iPod operating system. Linux software would have to be loaded by the user; it's not included in the iPod as sold by Apple. There are some Linux antivirus programs available, like AVG from Grisoft and BitDefender, so once they add the Podloso definition it should be removable.

The virus works by installing itself to the folder that contains program demo versions. Podloso cannot be launched automatically without user involvement. Once launched, the virus scans the device’s hard disk and infects all executable .elf format files. Any attempt to launch these files will cause the virus to display a message on the screen which says “You are infected with Oslo the first iPodLinux Virus.”
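A defender's view of the behaviour described above, as an added example that is not part of the original post: because the infection changes ELF executables on disk, hashing every ELF file under a directory and comparing against an earlier baseline flags the ones that changed. The function names and the sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile

ELF_MAGIC = b"\x7fELF"  # first four bytes of every ELF file

def elf_digest(path):
    """SHA-256 of the file if it starts with the ELF magic, else None."""
    try:
        with open(path, "rb") as f:
            if f.read(4) != ELF_MAGIC:
                return None
            h = hashlib.sha256(ELF_MAGIC)
            for chunk in iter(lambda: f.read(65536), b""):
                h.update(chunk)
            return h.hexdigest()
    except OSError:
        return None  # unreadable file is skipped; log it in real use

def snapshot(root):
    """Map relative path -> SHA-256 for every ELF file under root."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue  # do not follow links out of the tree
            if (digest := elf_digest(full)) is not None:
                digests[os.path.relpath(full, root)] = digest
    return digests

def compare(baseline, current):
    """Report ELF files whose content changed, appeared or vanished."""
    both = baseline.keys() & current.keys()
    return {"modified": sorted(p for p in both if baseline[p] != current[p]),
            "added": sorted(current.keys() - baseline.keys()),
            "missing": sorted(baseline.keys() - current.keys())}

def demo():  # constructed sample tree: two fake ELF files and a text file
    with tempfile.TemporaryDirectory() as root:
        files = {"player": ELF_MAGIC + b"A" * 64, "game": ELF_MAGIC + b"B" * 64,
                 "notes.txt": b"not an executable"}
        for name, data in files.items():
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)
        baseline = snapshot(root)
        with open(os.path.join(root, "game"), "ab") as f:
            f.write(b"appended bytes")  # stands in for any change to the file
        return baseline, compare(baseline, snapshot(root))
```

The baseline has to be taken from a known-clean state and stored off the device, otherwise it records the modified files as normal.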


Biggest threat to Internet could be a massive virtual blackout


The most serious threat to the Internet infrastructure in the 21st century is a massive virtual blackout known as a "distributed denial of service attack," an outspoken board member for the group that administers Internet addresses said Thursday at a Hudson Institute briefing.

This type of high-tech ambush, which occurs when multiple compromised systems flood the bandwidth or resources of a targeted server to make Web pages unavailable, could be devastating for global online communication, said Susan Crawford of the Internet Corporation for Names and Numbers.

The most significant attack in recent years came on Feb. 6, when six of 13 root-zone servers were slammed by an army of "zombie computers," which were compromised by hackers, the Cardozo Law School professor said at the think tank event.

While the average Internet user's experience was not affected by the attack, the incident underscored the fact that there is no real oversight of those servers, whose components are backed up by other machines around the world, Crawford said.

Prevention of DDOS attacks will eventually mean "having fewer zombies out there," she said. "People are turning millions of PCs into weapons... and we don't have a lot of data about what is happening. Researchers are often operating in the dark," Crawford said.

The U.S. Computer Emergency Readiness Team and its facilitator, the Homeland Security Department, are largely reactive in their approach. "From the outside, it looks as if [DHS] doesn't really know what it's doing," she said. "They're trying, but many of their efforts lack timeframes for completion."

DHS also suffers from a high turnover rate among senior officials, but the agency now has Greg Garcia as its cyber-security czar, who is attempting to address the problem, Crawford said. He was previously vice president at the Information Technology Association of America.

Garcia has talked about the need for legislation but Crawford said she is "not convinced" that a new U.S. law can offer a cure for denial of service attacks because congressional action "is too local for the networked age."

Crawford advocated turning more attention and money to focus on prospective global educational efforts. A new multi-stakeholder entity "with a new, friendly acronym" might be the best solution, she said.

"None of the existing institutions will work," Crawford said. ICANN cannot do the job because its power is contractually based and too narrow, and the recently launched Internet Governance Forum is "highly political" and "not necessarily the best forum for a technical discussion of best practices," she contended.

Crawford added that improvements in routing security, which is "how packets go from one place to another," are also needed. A hacker could inject phony paths into a routing algorithm in order to intercept packets or trigger a DDOS attack. The susceptibility to such an assault grows as the size of so-called "routing tables" increases to accommodate the next-generation Internet known as IPv6, she said.

By Andrew Noyes
(c) 2007 National Journal's Technology Daily