Information Security all in one place!

virus protection

Kaspersky Labs: New Generation of Ultimate PC Protection; for Home


Kaspersky Lab, a leading developer of secure content and threat management solutions today announced a new version of its flagship product for at-home PC protection — Kaspersky PURE 2.0 Total Security. Using Kaspersky Lab’s award-winning anti-malware protection and an array of additional security tools, Kaspersky PURE 2.0 Total Security is the easiest way to keep multiple PCs secure, irreplaceable digital assets protected, and children safe and responsible online.

Central Home PC Management

Ideal for households with multiple computers, including families with children, Kaspersky PURE uses Home Network Management to easily protect, manage and monitor every PC in the household from a single machine.

From one PC, you can:

— Run all scans, updates, and backup tasks on every PC in the house automatically or on-demand

— Fix security issues without getting up from your desk

— Manage parental controls from anywhere in the house, so your kids are protected even when they’re out of view

— Conveniently update the Kaspersky PURE licenses throughout your home

Total Package of Security Tools

Kaspersky PURE also includes everything you need to secure your online identity and protect your irreplaceable digital property. When you install Kaspersky PURE, our extra layers of security mean you can say good-bye to overpriced and inefficient niche products.

This is great work. I am demoing the product now and will post my review shortly. Very excited about how this will shape the home and small business central management landscape. Will vendors pile on?

 

More on this breaking news can be found here: http://www.marketwatch.com/story/kaspersky-lab-announces-new-generation-of-ultimate-pc-protection-for-your-home-2012-03-26

Advertisements

BYOD Control: Aruba brings it together with ClearPass


Aruba Delivers BYOD Control with ClearPass

The bring-your-own-device (BYOD) era is booming, while BYOD delivers some freedom to users and is great don’t get me wrong, however. It is still absolutely critical that companies reachthe same degree of protection,  and control that corporate owned devices also receive to these devices. It has to be thought of as a wired device, in my opinion.

Networking vendor Aruba is now debuting a solution for BYOD, built on Linux and leveraging the open source FreeRADIUS access controlsolution to help return control to enterprises.

English: offical logo of Aruba Networks

“ClearPass provides a networking solution for BYOD to address all of the majoroperating systems and any networking vendor’s network architecture,” Robert Fenstermacher, director of Product Marketing at Aruba, told InternetNews.com. “It can act as a single point of policy control across all wired, wireless and remote infrastructure for a global organization.”

More from ENP: http://www.enterprisenetworkingplanet.com/netsysm/aruba-delivers-byod-control-with-clearpass.html


Botnet: Cutwail Returns; Overall Spam Increasing


According to M86 Security, the infamous Cutwail botnet (aka PandexMutant and Pushdo) appears to have been reactivated. The security specialists say that in the past few weeks they have registered several waves of HTML emails that were infected with malicious JavaScript and probably originated from Cutwail-infected PCs.

Cutwail had its heyday about five years ago, when it led the botnet activity list with 1.6 million infected computers. However, it lost its top position in the market after hackers intruded into the system and disclosed the names of customers and affiliates.

How a botnet works: 1. A botnet operator sends...

Image via Wikipedia

According to M86 Security, the volume of infected emails was 50 times higher between 23 and 25 January, and three further waves from 6 February were found to be as much as 200 times higher.

Infected emails had subject lines such as “FDIC Suspended Bank Account”, “End of August Statement” and “Scan from Xerox WorkCentre”.

Read More Here: Cutwail botnet back in action


Android: Malware Magnet


In the last seven months of 2011, malware targeting the Android platform jumped 3,325 percent!

According to Juniper Networks‘ Mobile Threat Report, malware targeting the Android OS grew by 3,325 percent in the last seven months of 2011.

“Android malware accounted for about 46.7 percent of unique malware samples that targeted mobile platforms, followed by 41 percent for Java Mobile Edition,” writes eWeek’s Fahmida Y. Rashid.

Android System architecture

Android System Architecture

“The explosion in Android malware is a direct result of the platform’s diverse and open marketplace where developers are free to post their apps as well as growing market share, according to Juniper,” Rashid writes. “Google‘s market share in the mobile space, at 46.9 percent, is statistically the same as the proportion of Android malware detected by Juniper.”

 

Read More: 2011 Android Report: Malware

 

 

 


Researchers Warn:Trojan evolving through ‘open source’ development


Trojan malware evolving swiftly as hackers customise code according to their needs

 

Source: http://www.computerworld.com/s/article/9224112/Citadel_banking_malware_is_evolving_and_spreading_rapidly_researchers_warn

 Citadel banking Trojan evolving through ‘open source’ development

Citadel, a computer Trojan that targets online banking users, is evolving and spreading rapidly because its creators have adopted an “open source” development model, according to researchers from cyberthreat management firm Seculert. The new piece of malware is based on ZeuS, one of the oldest and most popular online banking Trojans. ZeuS was abandoned by its creator in late 2010 and its source codeleaked online a few months later.

English: I constructed this image using :image...

“Seculert’s Research Lab discovered the first indication of a Citadel botnet on December 17th, 2011,” the security company claimed. “The level of adoption and development of Citadel is rapidly growing.”

Seculert has identified over 20 botnets that use different versions of this Trojan. “Each version added new modules and features, some of which were submitted by the Citadel customers themselves,” the company said.

The most interesting aspect of Citadel is its development process, which is similar to the ones behind community-supported open source projects. “Similar to legitimate software companies, the Citadel authors provide their customers with a User Manual, Release Notes and a License Agreement,” Seculert said.


Yahoo! Messenger v11.5 – Buffer Overflow Vulnerability


Yahoo! Messenger v11.5 – Buffer Overflow Vulnerability

Severity: High         Risk: High

Area of Impact: Drag & Drop – Message Box

Details of the Vulnerability:

Yahoo! Messenger Icon

Image via Wikipedia

A Buffer Overflow vulnerability has been detected on Yahoo Instant Messenger v11.5 client software.
The bug is located on the drag & drop message box function of the software when processing special crafted file transfers.
The vulnerability allows an local attacker to crash the software & all bound yahoo components.

Thus creating the buffer overflow

Proof of Concept: Testing purposes only!!

This vulnerability can be exploited by security enthusiasts. More details can be found here:

http://www.vulnerability-lab.com/get_content.php?id=432  
****The information provided in this advisory is provided as it is without any warranty.

Hack in Progress: Watch the vulnerability in action

No report from Yahoo as of yet. We will keep you posted on all the details.