Posted 10/29/09 at 02:33:59 PM by Bart Salisbury

There’s creepy things afoot on the web, and what’s better to combat them than something crawly? Internet security company Kaspersky Lab has introduced the “Krab Krawler”, an anti-malware tool that can make your Twitter-hungry lifestyle a little bit safer.

Krab Crawler examines every public post that appears on Twitter. The posts are parsed for URLs which, if present, are traced to their origin. (Even shortened URLs are recognized.) The site is then checked for any creepy things, such as the Koobface virus, that might make your day less tweety.

Costin Raiu, a senior malware analyst at Kaspersky Lab, says the Krab Krawler pulls out about half a million new, unique URLs from Twitter posts each day. In these Krab Krawler finds between a hundred and a thousand linked to malware attacks. Raiu also notes that about 26 percent of these URLs link to spam sites, so even if a URL doesn’t pose a deadly threat, there’s a one-in-four chance it leads to an annoyance.

Krab Krawler works on top of Twitter’s own filtering system. The extra layer is useful because of malware’s propensity to undergo code changes to avoid detection. Raiu estimates it takes two to 12 hours to pick up on such changes and properly identify a new malware strain.

In addition to Kaspersky Lab, Trend Micro also monitors Twitter posts for malware. And Finjan offers a free browser plug-in, SecureTwitter, that warns users of URLs of dubious character.

Read More

Posted 09/15/09 at 05:54:53 PM by Jason Barry

New Research by Trend Micro suggests that some malware infections hang around for as long as two years in some circumstances. This new data refutes previous estimates that the infection limit was approximately six weeks. Their research consisted of the analysis of over 100 million compromised IPs where they found that four out of five machines remain infected for longer than a month.

They concluded that if machines were not disinfected quickly, that those infections would linger until the machines were disconnected altogether, speculating replacement as the eventual solution.

After further investigation into network botnets, Trend Micro was also able to pinpoint that the majority of identity-theft reports traced back to three agent strains: Koobface, Zeus/Zbot and Ilomo/Clampi. In particular, the hysterically named Koobface botnet updated its infrastructure to use proxies and relays making it nearly impossible to eradicate.

Image credit: Mucinex

Read More

Posted 02/18/09 at 12:45:48 PM by Paul Lilly

Safe surfing remains the best defense against internet-borne attacks, but it won't provide you that warm fuzzy feeling that an additional layer of protection offers should you slip up. And if you share your PC, your safe computing regime goes straight out the window if your roommate wanders haphazardly across the web.

In an attempt to beef up security, Linksys announced it is teaming up with Trend Micro to integrate the latter's Home Network Defender internet security software into its routers to help block malicious sites from doing harm. Previously offered as a software application, Home Network Defender will be integrated with the Linksys WRT310N and WRT610N routers, offering protection to any computers connected to the network.

The software integration is meant to deny access to sites it deems unsafe with user-adjustable sensitivity controls, as well as embed parental controls and user-activity reporting into the above mentioned routers. What it won't do is offer anti-virus protection, however Linksys says that four licenses of Trend Micro Antivirus plus AntiSpyware will come included as part of the deal.

Existing WRT310N and WRT610N have the option of upgrading their router's firmware for the new software integration, which will carry a 30-day complimentary trial. After that, the service runs $60/year.

Read More

Posted 07/03/08 at 08:51:30 AM by Chris Moody

A dispute between security appliance maker Barracuda Networks and Trend Micro started earlier this year when Trend Micro claimed that ClamAV infringes on its patents covering the use of server-based antivirus software on FTP and SMTP gateways. Barracuda has now filed a countersuit against Trend Micro to try and protect the open source ClamAV antivirus program from Trend Micro’s nasty allegations of infringement. Barracuda which is a supporter of open source software was unwilling to simply negotiate a cheap licensing agreement for patent indemnity. This of course also benefits other ClamAV users which include small business, non-profits, and even some governments.

Ars Technica quotes Barracuda CEO Dean Drako as saying, "The reality is that Trend Micro is asking Barracuda Networks to pay for the use of the free and open source ClamAV software.” He goes on to say, “We have asserted all along that Trend Micro's actions are unjust and could have serious implications against the open source community and other free and open source projects."

While Barracuda’s motives aren’t all together altruistic since they use ClamAV in their products, it’s none the less vital for everyone. ClamAV is not a fully featured AntiVirus program, nor is it the best, but it plays an important role. Trend Micro sounds like it is patent fishing for cash, and I am unimpressed. They might run the risk of a consumer backlash if it attempts to go after ClamAV directly. You can learn more about Barracuda’s efforts here.

Read More