Friday, February 26, 2010

Killer Whale Video Spreading Viruses - Friendly Computers

DENVER -- The IT and security firm Sophos is warning computer uses to be ware of messages and Web sites that claim to show video or pictures of the death of killer whale trainer Dawn Brancheau. - Friendly Computers

Read more below…
Hackers have created Web pages stuffed with content that appears to be video footage of the trainer's death, but the sites are actually designed to infect computers.

Brancheau was killed when the 12,000-pound killer whale named Tilikum dragged her into its pool and thrashed the woman to death as audience members watched in horror.


"It's hard to believe that anyone would want to watch video footage of this horrible death, but it's currently one of the very hottest search terms on the Internet," said Sophos Senior Technology Consultant Graham Cluley in a news release.

"These poisoned pages can appear on the very first page of your search engine's results, and if you visit the links you may see pop-up warnings telling you about security issues with your computer. These warnings are fake and designed to trick you into downloading dangerous software or handing over your credit card details," Cluley said.

Scareware and fake anti-virus attacks like this have become an increasingly common weapon. They have been seen following the deaths of several high-profile individuals including Patrick Swayze and Natasha Richardson.

"You could argue that anyone hunting for footage of this horrific accident deserves everything that's coming to them, but the real sick ones here are the hackers who are trying to profit from the death of an innocent woman in a tragic accident," Cluley said.

INTERNET PROTECTION TIPS:
•Security: Microsoft security
•E-mail: Cyber Alerts
•Download: Virus Definitions
•Download: Other Tools
•Download: Securities Update Vault

REMEMBER: Don't open e-mail attachments that end in .vbs, .pif or other unfamiliar extensions. Even if the e-mail appears to come from a trusted source, it could be someone "spoofing" an address. Confirm it's from who you think it's from before you open.
Sophos suggests you make sure your anti-virus software is up to date and be cautious about the links you click on.

"The general public would find it much safer to get their news from established news outlets rather than any Tom, Dick or Harry website on the internet. There are simply too many cybercriminals out there waiting to trip up the unwary," Cluley said.

Sophos makes anti-virus software and provides analysts on Internet security. Their Web site says they have 100 million users in 150 countries.


Source: http://www.thedenverchannel.com/technology/22682717/detail.html

Tuesday, February 23, 2010

UTA Prof.: Kneber botnet a new sort of stealth computer virus - Friendly Computers

Businesses and government agencies have a new weapon to fear -- one that is stealthy, secretive and can steal secrets without easy detection, said Matthew Wright, assistant professor in the Department of Computer Science and Engineering at the University of Texas at Arlington. - Friendly Computers

Read more below…
A new generation of computer viruses have been born, according to Wright. This threat was furthered this week when news broke that Herndon-based NetWitness identified a virus, dubbed the Kneber botnet, that was able to affect up to 75,000 systems in 2,500 organizations worldwide.

“I think it’s very likely there are additional businesses that are affected, and they don’t know about it,” said Wright.

Based on NetWitness’ research, the new virus is able to gather log-in credentials for financial systems, social networking sites and e-mail systems from infected computers.

The source is hard to detect, Wright said.

He added that the creators of the new virus have essentially tied two types of malware, or negative software, together and created a system that allows all of the affected computers to talk to each other.

Wright said businesses should consider meeting with their security vendors or IT security groups to discuss handling or preventing these types of attacks. But don’t expect an ominous sign when your system has been hit.

“This is not going to take down your computers or cause trouble in any way,” he said. “It is going to stay low and quiet. The original goal is to steal online banking credentials.”

Wright said this new threat is real and even has the American government concerned.

“We’ve been seeing this trend over the past decade,” he said. “Hacking and virus-writing has gone from kids messing around with computers to pure criminalization. This is becoming a true criminal enterprise,” he said.

And what does the new generation of hackers want from companies?

“I don’t want to speculate too much," Wright said, “but any corporate secrets, technology that is going to be developed … anything about company projects.”

He added that the incentive for this information would be a criminal’s impetus to sell that information to competitors.


Source: http://www.bizjournals.com/dallas/stories/2010/02/15/daily37.html

Wednesday, February 17, 2010

Norton 360 checks the Web's rep to keep you safe from viruses - Friendly Computers

Today Norton has announced a new version of its Internet protection suite, Norton 360 v4, which includes antivirus protection, smart startup, online backup and uses reputation to keep you safe from malicious websites and enjoying your computer. - Friendly Computers

Read more below…
As we discussed in our look at SafeCentral, protecting against viruses is difficult because new threats come up every day. While Norton hasn't gotten to the point that it has an emergency response team breaking down the doors of hackers, it is building a rep of keeping your computer safe by letting Norton 360 users rate the reputation of websites and threats. Since it has added reputation, the new tool has blocked a previously hidden threat for one out of two users and has had more than 177 billion reputation rankings since September.

Reputation helps users by preventing them from visiting one of the 27% of websites deemed poisonous by Norton. A great example of it in use is that if you search Google for "amy wynalda" 8 out of the first 10 search results are malicious; which, thanks to reputation,Norton 360 can protect you against.

One of the biggest things that Norton has worked on addressing in the recent releases of Norton 360 is providing users with potent protection without slowing down their computer. According to a new report from the Passmark Software benchmarking company, Norton has done a good job, as Norton 360 v4 was awarded best overall performance in January 2010.

As far as slowdowns go, a slow computer was recently noted as one of the top 10 workplace frustrations and slow to start up computers are the frustration of many home users, like my father, who simply want to get one thing done and get on their way.

One of the most common reasons that your computer is slow to start up, and even slow to run, are the numerous programs that launch every time you turn your computer on. Windows has a built in tool to edit the start up of programs and you can open up each program and turn off auto-start one by one. but the first option can be confusing for many users and one-by one removal can take a while if you don't know what you're looking for.

Norton 360 v4 has added a new tool called Start up Manager, which on average can cut 30 seconds off the time it takes your computer to turn on. Start up Manager makes uses of the reputation management that is a large part of Norton 360 and helps you decide what programs to remove from start up based on what other users have done. You can also set items to start up 5 minutes after your computer turns on so you can get to work faster.

In addition to the 2GB of online backup that has been included, Norton 360 v4 has added the ability to access this important data anywhere, including on your mobile devices. Shortly you will be able to access these files on Android devices, the iPhone and even the iPad. Another part of this feature is the ability to email large files securely so you can easily share with business associates and family members.

It is great to see that antivirus companies are focusing on the performance of their products which had driven many users away and led to headaches for those of us who provide IT support to friends and family. Tech savvy users will be able to achieve the performance boost of cleaning out their start up and using an online backup tool like Dropbox; but the addition of reputation ranking and performance boosts make Norton 360 v4 a complete package for people, like my parents, who want a central system for protection. Upgrade pricing starts at $59.99 and new one year subscriptions are available for $79.99.


source: http://www.walletpop.com/blog/2010/02/17/norton-360-checks-the-webs-rep-to-keep-you-safe-from-viruses/

Tuesday, February 16, 2010

Valentine's Day E-Cards May Contain Virus - Friendly Computers

BOSTON -- E-cards may be a sweet gesture from your sweetie this Valentine's Day, but beware of e-mail scams sent by less than loving cyber-criminals. These criminals are taking advantage of the holiday to infect computers with nasty viruses, according to Internet security companies McAfee and AVG technologies. - Friendly Computers

Read more below…
"Beware that surprise e-card," wrote JR Smith, CEO of AVG in a blog post. "It could contain a whole load of heartache in the form of a hard drive hack designed to steal your identity."

Cyberscammers are sending e-cards with cute Shih tzu puppies, love notes reading "Deeply in love with you" and little red hearts to lure users to download a computer virus if they click on the links in the message.

To protect your computer, AVG and McAfee suggest that you do not open e-cards sent to you from people you don't know, or even e-mail the sender asking if they sent you an e-card. Do not open an e-mail with generic things in the subject line and make sure your security software is updated.

It is safer to copy and paste a URL from an e-mail into the browser than to click a link directly. E-card companies do not send cards as attachments. If you receive a card attachment, AVG suggests you delete the e-mail immediately.

Viruses from these e-mails, if clicked, may be installed without the user's knowledge.

If you suspect e-card an e-card contains a virus, you can file a complaint with the Internet Crime Complaint Center.


Source: http://www.thebostonchannel.com/news/22543278/detail.html

Thursday, February 11, 2010

Computer virus attacks increasingly malicious - Friendly Computers

Though the Gumblar computer virus and its variants initially targeted private firms, these viruses are now increasingly affecting Web sites of local governments, universities and independent administrative institutions. - Friendly Computers

Read more below…
Attacks by new types of computer viruses similar to Gumblar have recently come to light, with about 400 private firms' Web sites altered since late December, according to a survey conducted by a computer security firm.

In the attacks by Gumblar and its variants, people who visit infected Web sites are redirected to other sites that then install malware onto their computers, resulting in private information such as passwords and IDs being stolen.

While the purpose behind such attacks has been unclear, attackers using the new Gumblar-type viruses have a clearer criminal intent, as such viruses are capable of stealing credit card numbers - something that older versions of the Gumblar variants could not do.

The Web sites of Tokyo's Mizuhomachi town government and Hokkaido prefectural government have been affected by Gumblar or its variants. The Mizuhomachi town government Web site was altered on different occasions between Oct. 12 and 30, and the personal computers of about 8,000 people who visited the site could potentially have been infected with the virus.

For the Hokkaido prefectural government, eight government-related Web sites, such as that of the Hokkaido Lifelong Learning Promotion Center, were altered on different occasions between Dec. 11 and Jan. 5. During this period, a total of about 1,800 people reportedly visited these infected Web sites.

Due to fears that the personal information of residents and other people could be stolen via infected Web sites, the Internal Affairs and Communications Ministry is calling for local governments across the nation to introduce a Gumblar-detection system developed by the Local Authorities Systems Development Center, which is under the ministry's control.

Meanwhile, it also has been learned that other Web sites might have been infected with Gumblar or its variants, including those belonging to Tokyo University's Graduate School of Education and Faculty of Education; the Organization for Small and Medium Enterprises and Regional Innovation, Japan; Sapporo's parks and greenery association; and the Sendai International Relations Association.

"In addition to private firms' Web sites, Gumblar and its variants are now affecting other sites," an official at G Data Software K.K. said. "Attackers apparently target Web sites by using autopilot and other software."

Gumblar and its variants started circulating around the globe last spring. Though the attacks seem to have gone into respite, they flared up again around October. At that time, visitors to infected Web sites were redirected to other sites, where their personal information such as IDs and passwords could be stolen.

However, no actual damage was reported at that time, and the attacks tailed off again in mid-December.

Around that time, however, a third wave of attacks started. In these latest attacks, visitors to infected Web sites are redirected to illicit Web sites where the users inadvertently install bogus antivirus software that is capable of stealing credit card numbers. These Web sites also can make visitors' computers send spam e-mails.

According to a survey by Kaspersky Labs Japan, a Tokyo branch of a Moscow-based computer security firm, similar kinds of attacks have occurred on more than 380 Web sites in the country since Dec. 24.

"In the previous attacks, the intention of attackers was unclear. But in the latest attacks, there's clearly a financial motive," Suguru Ishimaru, an analyst at the company said.

"An increasing number of computers may have been remotely operated by third parties without the computer owners even noticing. Individual users should take protective measures, such as updating their (antivirus) software," Ishimaru added.


Source: http://www.philly.com/philly/business/technology/020810_malicious_virus_attacks_rise.html

Wednesday, February 10, 2010

Antivirus programs fail to stop new malware - Friendly Computers

Nearly a third of PCs protected by up-to-date antivirus software show signs of malware infection, a new analysis based on real-world scans has found.

Dutch cloud security startup, SurfRight, studied scans from 107,435 PCs that had downloaded its cloud-based behavioural scanning system, and found malware on 35 percent of the machines, about what one might expect of the general population of PCs. More surprising, however, was that 32 percent of machines using a fully-updated antivirus programs also had such files present.

Although the much older Windows XP was more likely to have these files than other versions of Windows, all versions including Windows 7 had significant problems. Later service packs lowered infection levels, but not by enough to undermine the observation that malware is managing to get around installed protection often enough for it to be a concern.

The main reason that SurfRight is able to spot infections, it will claim, is its cloud model, which relies on uploading files to a host where they are run through a range of different engines (PCs run only one at a time) by the company's Hitman Pro 3 system. Systems are then analysed at a lower level, for instance by looking closely at the registry for inconsistencies.

"Our research shows that traditional antivirus software cannot keep up with cyber criminals," said SurfRight CEO, Mark Loman. "Despite all their efforts, it is often days or even weeks before some suppliers of antivirus programmes release a solution to a new threat."

So what is going wrong? In some cases, the fault might lie with the user and not the security product. The second most common type of malware found on 13,000 systems related to bogus anti-virus and spyware programs, which typically ask for user consent before installation proceeds. At that point the only line of defence would be the Windows User Account Control (UAC) which users are routinely said to ignore.

That aside, by far the largest group of infections was for 'generic' malware, which is to say files that are believed to be malevolent due to their design and behaviour but which simply have not been identified yet. These are the most dangerous type of malware because any single AV product will probably not be able to see many of them.
Nearly a third of PCs protected by up-to-date antivirus software show signs of malware infection, a new analysis based on real-world scans has found. - Friendly Computers

Read more below…
"We also found that not all programmes detect the same threats, so the only way for users to be really sure would be to combine multiple anti-malware programmes on their PCs." said Loman.

The company reckons that for as long as Windows can only cope with a single antivirus product on each PC, the answer is to give users a 'second opinion' using cloud technologies. It's a model that has been around for some years in a number of smaller vendors such as UK-based Prevx, and whose time might yet have come after investment in the idea by larger companies such as Symantec and Pandalabs.

The company's scanner can be downloaded from the SurfRight website and claims to check each PC in minutes without conflicting with installed software. The software is free to use for scanning but activates a one-month free trial for removal if it encounters malware after which an annual malware removal subscription costs 17.95 euros ($24).


Source: http://news.idg.no/cw/art.cfm?id=B8791702-1A64-6A71-CE9B978133633493