Anti-Malware

Google has announced a brand new malware warning system that alerts its users to the possibility of a malware infection of their device.

Google said it had taken this measure after the search giant unearthed a pattern of unusual activity across the Internet  that it had identified as a new strain of malware that causes infected devices to send traffic to Google via proxy servers.

“Recently, we found some unusual search traffic while performing routine maintenance on one of our data centers,” Damian Menscher, a Google security engineer, said in a Google blog post. “After collaborating with security engineers at several companies that were sending this modified traffic, we determined that the computers exhibiting this behavior were infected with a particular strain of malicious software, or ‘malware.’”

According to Matt Cutts of Google, the malware only affects Windows powered computers. Google said that by notifying users of possible infections, they update their antivirus software to remove any infections.

For more information on the new malware alert see the official blog post, or visit the Google Help Center for general security tips.

Continue Reading

A 50,000 surge in Android Market applications in the last year has taken the total number of apps to over 200,000 but has come at a cost – the huge growth has brought with greater attention from cyber criminals with a sharp rise in malicious apps designed to steal user data appearing.

Since the middle of last year there has been a 400% increase in the detection rate of malware on the Google Android platfom, leading to several Android antivirus programs being released onto the market. Some have blamed the open source nature of the Android platform for these figures compared to Apple’s heavily moderated iTunes App store.

These figures were released during a recent mobile security study by Juniper Networks which concluded that the Android Market was the largest distribution network of malware on mobile devices. One particular Android app called DroidDream has been blamed for infecting up to 50,000 Android users before Google could remove the rouge app.

Security firms AVG and Webroot have recently released free and paid versions of their mobile security programs, with software specifically for the Android operating system.

Continue Reading

A whopping 77 million Sony PlayStation customers have had their personal details and potentially financial information put at risk due to a hacking attack against the Japanese technology manufacturer Sony.

Sony has been widely criticised for delaying notification of the attack to it’s customers, with the incident occurring on the 17th of April and word only coming out of Sony yesterday (27th April). As we pointed out during the Epsilon security breach, there are no laws that force companies to tell their customers of such a breach – in the wake of these two incidents I dare say this needs to be reviewed as a matter of urgency.

It is believed that only personal details such as customer’s name, email and address have been stolen, however Sony has said it cannot rule out that credit card details have also been affected. Leading security experts have pointed out that cyber criminals could now use the stolen information to steal customer’s identities and acquire new credit cards at financial institutions.

Continue Reading

AVG (AU/NZ) knows there’s more to keeping a business safe than installing Internet security software alone; it’s about understanding the relevant internal and external threats.

Melbourne, 27 April 2011 – AVG (AU/NZ) Pty Ltd, the distributor of the award-winning AVG Anti-Virus and Internet Security software in Australia, New Zealand and South Pacific, has launched its latest weapon in the fight against corporate cyber crime, the AVG Online Security Audit.

The free Security Audit provides small to medium businesses (SMBs) with customised reports on their security needs. This quick and easy survey tool for small business owners will help them understand where they are today and recommend ways to protect themselves from the dangers of malware attack and Internet crime.

The Security Audit reviews how employees use the company’s and their own equipment -from computers and laptops to smartphones and USB sticks – and what policies are in place for the use of business and private hardware, plus access to social networking and other Internet usage.

AVG (AU/NZ) will then email the business a personalised audit report created from the information provided which identifies where the problems lie and recommended actions. The report can be converted to a printable PDF document for use in discussion with staff and the development of security strategies. AVG (AU/NZ) also provides links to a range of guides to assist businesses to bolster their security efforts.

AVG (AU/NZ) has identified five ‘doorways’ through which cyber criminals are spreading malware and accessing company data:

1. Social networks;
2. Instant messaging and spam chat;
3. Insider threats from employees;
4. Unsecured remote technologies used by staff; and
5. USBs and smartphones.

Lloyd Borrett, Security Evangelist for AVG (AU/NZ) Pty Ltd, says, “Keeping your business safe means far more than installing anti-virus or Internet security software alone; it’s about understanding the threats relevant to your business. The AVG Online Security Audit is the latest development in a series of resources that we’ve designed to help SMBs and stop them becoming easy targets for attack.”

An insight to the extent of the problem was revealed when 2,000 SMBs were surveyed in the US and UK for the “AVG SMB Market Landscape Report 2010“. More than half (52 per cent) had no IT security guidelines for their staff, while one in seven had no Internet security software or solutions in place at all. SMBs are becoming prime targets for cyber criminals, with the survey revealing at least one in four have already experienced a security breach.

The Online Security Audit has been added to AVG’s Business Resource Centre, a free online library of guides and tools that can help protect companies from identity theft, data breaches, online banking break-ins and other computer crimes. It includes the 11 page AVG Small Business Security Guide, which is an action template covering the establishment of policies through to the documentation of processes to secure workplace practices and technology use.

“We know SMBs are not experts in IT or the specifics of the ever changing security sector. They often cite lack of time as a reason for not looking into the issue of risk and protection. With the launch of this free AVG Online Security Audit we’re actively trying to make things easier for them to keep their businesses safe. It’s an invaluable tool for SMBs to get them started on the right track. While AVG focuses on protecting their business, they can focus on growing it,” Borrett said.

Businesses can access AVG’s Online Security Audit to get their tailored security plan at http://audit.avg.com.au/ or watch the “Discover AVG’s Online Security Audit” video on YouTube – see http://www.youtube.com/watch?v=TtyeT2JdmbU.

AVG (AU/NZ) has a comprehensive range of security tips on its web site at http://www.avg.com.au/resources/security-tips/. For video tips from AVG (AU/NZ), see http://www.youtube.com/user/avgaunz.

Continue Reading

CBS news is reporting that the US Secret Service is investigating a serious security breach a Epsilon, a company that provides email and data services to over 2,500 client worldwide including major corporations such as Dell, TiVO, Verizon, CitiBank, Target, BestBuy, Barclays and JP Morgan Chase.

Epsilon reportedly sends out an estimated 40 billion emails a year for their clients, so this breach is sure to turn a few heads. No credit card or banking details are said to be affected. As there are no laws to enforce Australian companies to disclose these types of security breaches, many Australians may not even now that they are effected so we should all be on the look out for suspicious emails.

Remember most companies will never ask for your user name, password or banking details via email and always check the URL in the browser address bar when entering log in details from links originating for email. And as always make sure you have updated versions of antivirus software running on your computer.

A list of companies that has disclosed this breach can be found here. Dell Australia is one of the companies known to be affected, and a customer of theres I received this email last night:

An Important Message from Dell Australia

Dell’s global email service provider, Epsilon, recently informed us that their email system was exposed to unauthorised entry. As a result, your email address, and your first name and last name may have been accessed by an unauthorised party. Epsilon took immediate action to close the vulnerability and notify US law enforcement officials.

Whilst no credit card, banking or other personally identifiable information was involved, we felt it was important to let you know that your email address may have been accessed. While we hope that you will not be affected, we recommend that you be alert to suspicious emails requesting your personal information.

To help protect your personal information online we recommend that you do not provide any sensitive information through email, or open emails from senders you do not know. Dell will never ask for your financial information through email.

Dell takes its commitment to protecting customer data very seriously and has notified the Australian Privacy Commissioner and ACMA (Australian Communications and Media Authority). Dell continues to work closely with regulatory bodies and manage customer concerns.

We sincerely regret that this incident has taken place and we will continue to work with Epsilon to ensure that all appropriate measures are taken to protect your personal information.

Please contact us at anz_cust_serv@dell.com should you have any questions.

Sincerely

Deborah Harrigan
Dell Consumer and Small Business Executive Director
Dell Australia Pty Limited

Continue Reading

Leading security software vendor McAfee has warned SMEs to implement measures that encrypt or give the ability to format (erease all data) smartphones and other mobile devices incase they are lost or stolen.

The warning comes of the back of  a report issued by the company revealing there were over 20 million new malware threats identified last year alone, many of which are specifically targeted towards mobile devices. The report also makes mention of the Zeus Trojan which successfully infected Bristish Goverment computer networks.

Cheif  Technology officer for McAfee Asia Pacific explains:

“You need to look at the risk profile of your devices. First of all, identify what you are doing on that device? What are you actually using it for?”.

“Then you can make a decision about adding security. The first thing I would recommend is that people look at securing the actual data on their device… but that doesn’t mean you have to have a next-generation security product on there.”

“The creators of the Zeus botnet repurposed an old version of a commercial spyware package. Android/Geinimi, a Trojan inserted into legitimate mobile applications and games for the Android platform, was one of the most important threats of the quarter.”

“But this is a scenario that made people stock and look at what was happening. It’s going to get to a situation where people decide they need to add protection to their phones because we’re seeing so much action in this space.”

“You need to make sure that you are using the inherent features of the device. Most smartphones come now with some sort of password identification, and you should configure that and make it strong. Few people actually leverage these features.”

“You also need to make sure that if the device is lost, the data that sits on that device is secure. That’s more important than anything else and is typically overlooked because it’s been so difficult.”

“This year was massive for us, and we’re seeing an average of 55,000 new threats every day. It puts significant strain on the security model people are using, on whatever device they are using.”

Continue Reading

Stuxnet the highly complex virus that targets Siemens SCADA software has reportedly infected the PCs of Iran’s first nuclear power station. According the the IRNA new agency, the malicious code has not caused any damage the plant systems.

For more information on Stuxnet, see the McAfee labs blog.

[Source]

Continue Reading

Designed to aid users in preventing the spread of malware online, Threat Labs is a new portal service that will aggregate quantitive web threat detection data collected by AVG with data collected from the firms LinkScanner technology.

Rather than a replacement of existing software, Threat Labs will compliment existing software by giving users the opportunity to query a specific URL for more information. The unique tool is available to everyone and not limited to AVG customers. The software provides detailed statistics including a timeline, analysis of outbound links and a detection map.

“Web threats are constantly evolving and it is our mission to provide consumers with the resources they need to not be victims of Internet crimes,” said JR Smith, Chief Executive Officer of AVG Technologies. “What really excites me about Threat Labs is that it is all about what makes AVG a different security software company from our competitors because it is based on people powered protection. From the standard AV tools and malware detection, to more cutting edge resources like threat labs and our new social media tools, AVG is committed to a product line that is effective against the risks we understand today and the threats that are evolving as we speak.”

Continue Reading

Twitter has announced it will be rolling out it’s URL wrapping service, first outlined back in Jun. The new service, called t.co will not used as a URL shortening service rather it will wrap all outbound links with a new t.co simplified link.

According to Twitter, the new links will be easier to read with part of the actual domain showing in the tweet so that users know what they are clicking on.

Wrapped links are displayed in a way that is easier to read, with the actual domain and part of the URL showing, so that you know what you are clicking on. When you click on a wrapped link, your request will pass through the Twitter service to check if the destination site is known to contain malware, and we then will forward you on to the destination URL. All of that should happen in an instant.

The new service will be available in accounts who have opted in immediately and is expected to be live on all accounts by years end.

Continue Reading

BBC News has shown just how easy it can be to create and malicious application to run on a smartphone. The BBC spent a few weeks putting together a crude game for a smartphone that secretly spied on the owner of the phone.

Using the standard Software Developer Kits SDKs used by all application developers, the BBC was easily able to diguise their malware in the game without detection. This is because the legitimate applications are using the same functions according to security experts.

The BBC notes:

While the vast majority of malicious programs are designed to attack Windows PCs, there is evidence that some hi-tech criminals are starting to turn their attention to smartphones.

Booby-trapped applications for smartphones have been found online and in recent weeks Apple and Google have removed applications from their online stores over fears that they were malicious.

You can read the fully story on the BBC website.

Continue Reading