Pushdo - Analysis of a Modern Malware Distribution System
,----[ Quote ]
| As another anti-anti-malware function, Pushdo will look at the names of all
| running processes and compare them to the following list of anti-virus and
| personal firewall process names:
|
| * avp.exe
| * Armor2net.exe
| * kpf4ss.exe
| * blackd.exe
| * PXAgent.exe
|
| [...]
`----
http://www.secureworks.com/research/threats/pushdo/
AV software is no longer effective and most Windows PCs are infected in at
least one way. Fewer than half are 'clean'.
Anti-virus protection gets worse
http://www.channelregister.co.uk/2007/12/21/dwindling_antivirus_protection/
Related:
Win 2000 anti-virus products fail independent tests
,----[ Quote ]
| Many big-name anti-virus products failed to secure Windows 2000 in recent
| independent tests.
|
| [...]
|
| Now, if you'll excuse me, I'm off to download a copy of Ubuntu Linux.
`----
http://www.theregister.co.uk/2007/12/04/win_2000_virus_tests/
Is security software becoming a security risk?
,----[ Quote ]
| Antivirus software must open and inspect data in hundreds, if not thousands,
| of file formats. One bug in the software that does this can lead to a serious
| security breach.
`----
http://computerworld.com.my/ShowPage.aspx?pagetype=2&articleid=6953&pubid=4&issueid=125
Symantec subscription glitch derails users
,----[ Quote ]
| Symantec has apologised after a glitch with its software resulted in a
| "small group" of its customers being falsely advised that their
| software subscriptions had expired early.
`----
http://www.theregister.co.uk/2007/02/22/symantec_subscription_glitch/
Trend Micro flaw opens PCs to takeover
,----[ Quote ]
| As a result, the PC could suffer a "blue screen of death" or
| allow the attacker to remotely execute code and take control of
| the system, Trend Micro said.
`----
http://news.zdnet.com/2100-1009_22-6157554.html
McAfee Apologizes for Bugs in Falcon Roll Out
,----[ Quote ]
| The new software didn't work well with some ISP (Internet service
| provider) software, causing browsing slow-downs for some users, the
| company said. And customers who had disabled firewall protection would
| be presented with notification messages that could not be ignored, an
| annoyance for some.
`----
http://news.yahoo.com/s/pcworld/20060912/tc_pcworld/127111
Symantec customers stranded by renewals glitch
,----[ Quote ]
| Symantec's integration with Veritas in the UK has run into computer
| problems, leaving many Symantec customers unable to renew their
| corporate anti-virus licenses and large numbers of computers
| unprotected.
`----
http://www.theregister.co.uk/2006/12/04/symantec_glitch/
Single Anti-Virus Engine Is Vulnerable to Your Business Operations
,----[ Quote ]
| The latest white paper called, "Why one virus engine is not enough," of
| GFI, brings forth that the organizations, which have faith on the safety
| of a one anti-virus engine, are in fact rendering themselves open to a
| malicious and invariable danger from all types of malware.
`----
http://www.spywarehunter.org/entry/single-anti-virus-engine-is-vulnerable-to-your-business-operations/
Does antivirus have a future?
,----[ Quote ]
| Peter Gutmann, a researcher at the University of Auckland who presented the
| results of a study of the commercial market for malware at August's Defcon,
| estimates that a good virus programmer can make as much as $200,000 a year
| (here, a 660KB PDF). Alan Cox, an open-source security researcher, points out
| some additional possibilities. One is malware designed to sit under today's
| virtual machines. A proof-of-concept paper proposing such an attack, called
| Subvirt (PDF), appeared last year, written by three researchers from
| Microsoft and two from the University of Michigan. A presentation at last
| year's Black Hat security conference from Joanna Rutkowska, a researcher at
| Coseinc, a Singapore-based security company, covered a much leaner attack she
| called Blue Pill, which targets the virtualisation built into Windows Vista
| ^^^^^^^^^^^^^^
| and into current processors from both AMD and Intel.
`----
http://www.guardian.co.uk/technology/2007/sep/20/guardianweeklytechnologysection.spam
Finally, anti “bot” technology is launched, and it’s from Norton
,----[ Quote ]
| Now that a specific anti “bot” program has been released, from Symantec no
| less, the threat from bots, botnets and zombified computers are hitting the
| news more often, and is finally entering the mainstream users in a big way.
`----
http://www.itwire.com.au/index.php?option=com_content&task=view&id=13585&Itemid=1105
Computer worm attacks business PCs
,----[ Quote ]
| Big Yellow enters machines through a security hole in the corporate
| version of Symantec's antivirus software. Once infected with the
| worm's "bot" program, a hacker can use it as a way to connect
| with other computers for malicious attacks.
`----
http://news.yahoo.com/s/ap/20061216/ap_on_hi_te/computer_worm
Finding Software That Slows Down Your Computer
,----[ Quote ]
| The PC Spy is trying to make people aware of the worst software that is
| out there, and to no surprise Norton Internet Security 2006 is at the top.
|
| [...]
|
| It is pretty obvious that having a large number of fonts degrades
| performance in Windows. I think that I'll be going through and deleting
| some of the ones that came with Vista because I really don't need
| 400+ fonts.
`----
http://tech.cybernetnews.com/2006/09/18/finding-software-that-slows-down-your-computer/
http://tinyurl.com/glk7n
Antivirus Tools Underperform When Tested in LinuxWorld 'Fight Club'
,----[ Quote ]
| The results: Only three of the antivirus tools caught and blocked all 25
| viruses thrown at them. One tool caught fewer than 10 percent.
`----
http://www.darkreading.com/document.asp?doc_id=131246&WT.svl=news1_1
Symantec security products less than secure
,----[ Quote ]
| Secunia rates the flaw "highly critical," the second-highest category in its
| five-tier rating system.
`----
http://www.theregister.co.uk/2007/08/09/norton_security_bugs/
Is an antivirus gap looming?
,----[ Quote ]
| The failure of antivirus companies to adapt to the dramatic malware
| appearance rates in 2007 tells us there's time for a change and there's room
| for a new class of tools. "AV is dead" is the battle cry of a new industry
| analyst report. Antivirus companies may not be going the way of the dodo, but
| to many customers, the concept of antivirus as the last line of defense has
| been thrown out the window. It's time for a better approach, one that can
| keep up and really defend networks.
`----
http://news.com.com/2010-7348_3-6195322.html?part=rss&tag=2547-1_3-0-20&subj=news
Predicting the demise of antivirus apps
,----[ Quote ]
| "It's the beginning of the end for antivirus," says Robin Bloor, partner
| at consulting firm Hurwitz & Associates, who adds he began his
| "antivirus is dead" campaign a year ago and feels even more strongly
| about it today. "I'm going to keep beating this drum. The approach
| antivirus vendors take is completely wrong. The criminals working to
| release these viruses against computer users are testing against
| antivirus software. They know what works and how to create variants."
`----
http://computerworld.co.nz/news.nsf/mgmt/0047A206FF40A92ECC2572C3000FD867
When AntiVirus Products (and Internet Explorer) Fail you
,----[ Quote ]
| When Didier Stevens recently took a closer look at some Internet Explorer
| malware that he had found, something surprised him somewhat. He discovered
| that the IE-targeted malware had been obfuscated with null-bytes (0x00) and
| when run against VirusTotal, he found that fewer than half of the products
| identified the sample as malware (15 of 32). When all null-bytes were
| removed, the chances of successful detection improved, though not as much as
| would normally be expected (25 of 32 detections).
`----
http://www.beskerming.com/commentary/2007/10/29/296/When_AntiVirus_Products_(and_Internet_Explorer)_Fail_you
Linux Security: A Big Edge Over Windows
,----[ Quote ]
| Linux is better at locking down a computer than Windows. The Linux OS
| uses configuration settings and user permissions to a much more
| efficient degree than the Windows administrator account. To do
| this, non-enterprise users should seek help from third-party
| security suites that serve as configuration managers, James
| Bottomley, chief technology officer of SteelEye Technology said.
`----
http://www.linuxinsider.com/rsstory/54742.html
Microsoft Windows: Insecure by Design
http://www.washingtonpost.com/ac2/wp-dyn/A34978-2003Aug23?language=printer
If Only We Knew Then What We Know Now About Windows XP
,----[ Quote ]
| You can think of Windows XP as a house with a second floor built of
| spackle, wood filler and duct tape.
`----
http://www.washingtonpost.com/wp-dyn/content/article/2006/09/23/AR2006092300510.html?nav=rss_technology
Why Windows is a security nightmare.
http://www.smh.com.au/articles/2004/05/21/1085120110704.html
Study: Billions of dollars spent on security
,----[ Quote ]
| Large U.S. businesses will spend $61 billion on security by the end
| of this year, representing 7.3 percent of total IT budgets in the
| country, according to a new report from Info-Tech Research Group.
`----
http://news.com.com/2110-7350_3-6135989.html?part=rss&tag=2547-1_3-0-20&subj=news
Symantec Software Battles Vicious New PC Enemies: 'Bots'
,----[ Quote ]
| "We are seeing rapid increase in botnet infections," says Ed Kim, director
| of product management in the consumer division at Symantec.
`----
http://www.thestreet.com/_yahoo/newsanalysis/itmanagement/10368181.html?cm_ven=YAHOO&&cm_cat=FREE&&cm_ite=NA
FBI to Notify Microsoft Windows Users Who Were Victims of Botnets
,----[ Quote ]
| The Department of Justice and FBI have announced the results of
| an ongoing cyber crime initiative to disrupt and dismantle
| “botherders” and elevate the public’s cyber security
| awareness of botnets.
`----
http://www.linuxelectrons.com/news/general/10550/fbi-notify-microsoft-windows-users-who-were-victims-botnets
The end of Windows, or a security expert gives up
,----[ Quote ]
| And then go and warn others to do the same. Windows is defeated - its days
| are over. It carries the worm inside. So whatever will happen next: RIP,
| Windows.
`----
http://wolfgang.lonien.de/?p=456
Gathering 'Storm' Superworm Poses Grave Threat to PC Nets
,----[ Quote ]
| Although it's most commonly called a worm, Storm is really more: a worm, a
| Trojan horse and a bot all rolled into one. It's also the most successful
| example we have of a new breed of worm, and I've seen estimates that between
| 1 million and 50 million computers have been infected worldwide.
`----
http://www.wired.com/politics/security/commentary/securitymatters/2007/10/securitymatters_1004
In zombies we trust
,----[ Quote ]
| A little over a year ago, I wrote an editorial where in back-of-the-envelope
| style (.pdf) I estimated that perhaps 15-30% of all privately owned computers
| were no longer under the sole control of their owner. In the intervening
| months, I received a certain amount of hate mail but in those intervening
| months Vint Cerf guessed 20-40%, Microsoft said 2/3rds, and IDC suggested
| 3/4ths. It is thus a conservative risk position to assume that any random
| counterparty stands a fair chance of being already compromised.
`----
http://blogs.zdnet.com/security/?p=661
Over 50% of corporate desktops infected with malware: IronPort
,----[ Quote ]
| The report also reveals that more than 50% of corporate desktops
| worldwide are infected with some type of spyware with the rate of
| infection as high as 70% in the United States. Trojans or malicious
| system monitors represented over 7% of the infections. Rootkits and
| trick loaders, which reinstall spyware and other obfuscation techniques,
| make remediation very difficult thus prevention is the key to stopping
| these threats.
`----
http://www.crn-india.com/breakingnews/stories/66870.html