Panda on Thursday announced that it has upgraded its Panda Cloud Antivirus Free Edition online scanner with improved protection. In addition, the company also now offers a fee-based Pro Version with expanded support services and automation capabilities.
"Since the debut of Panda Cloud Antivirus last year, nearly 10 million home users have selected the free service as their antivirus of choice," said Pedro Bustamante, senior research advisor at Panda Security. "With today’s launch, we’ve created two options for users, both featuring major enhancements that make safeguarding your PC even easier and more transparent. The Free Edition gives users the best basic no-cost protection available on the market thanks to Panda’s cloud-based Collective Intelligence malware analysis technology, while the new Pro Edition offers more robust automated security capabilities and services at a very affordable price."
Some of the new features in the freebie version include advanced configuration and exclusions, a behavioral blocker, and self-protection of antivirus files. Those who shell out for the Pro version receive automatic and transparent upgrades, automatic vaccination of USB and hard drives, better behavioral analysis, and 24/7 multilingual tech support.
The Pro Edition runs $30 for a 1-year license, $51 for 2 years, or $66 for 3 years.
Software security researchers at matousec.com say they've devised a way to bypass protection built into several of the most popular desktop antivirus products, including those offered by Avast, AVG, Avira, BitDefender, Comodo, Kaspersky, McAfee, Norton, Trend Micro, and several others. The technique exploits the driver hooks AV apps bury inside Windows. The researchers first submit a sample of benign code, which passes the security checks; before the code is executed, it's replaced with malicious data.
"We have performed tests with [most of] today's Windows desktop security products," the researchers wrote. "The results can be summarized in one sentence: If a product uses SSDT hooks or other kind of kernel mode hooks on similar level to implement security features it is vulnerable. In other words, 100 percent of the tested products were found vulnerable."
So far the researchers have tested their method on 34 security products, all of which were found vulnerable. Time permitting for more tests, "the list would be endless," the researchers say. If that wasn't frightening enough, the exploit apparently works just as well on accounts with limited privileges.
The question is, should you be concerned? Not yet. The exploit requires a large amount of code to be loaded onto the victim's PC, rendering it all but useless for shellcode-based attacks or those which rely on speed and stealth. In addition, the attacker must already have the ability to run a binary on the target PC for this exploit to work.
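The check-then-swap weakness described above is a time-of-check/time-of-use gap, and the usual defensive pattern is to capture the argument once and both check and use that private copy. The following is an added example, not code from matousec.com or any vendor: a single-threaded model in which a callback stands in for the second thread, and every function and file name is hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model: `shared` stands in for caller-owned memory that a
   second thread can rewrite at any time. All names are hypothetical. */
typedef void (*racer_fn)(char *shared);
static char acted_on[64];                  /* what the service really used */

static int policy_allows(const char *name) { return strcmp(name, "benign.dll") == 0; }
static void original_service(const char *name) {
    strncpy(acted_on, name, sizeof acted_on - 1);
    acted_on[sizeof acted_on - 1] = '\0';
}
static void swap_name(char *shared) { strcpy(shared, "other.dll"); }

/* Weak hook: the check and the use each read the shared buffer. */
static int hook_check_then_use(char *shared, racer_fn racer) {
    if (!policy_allows(shared)) return -1; /* fetch 1: the check */
    racer(shared);                         /* window: another thread runs */
    original_service(shared);              /* fetch 2: the use */
    return 0;
}

/* Hardened hook: one fetch into private memory, then check and use it. */
static int hook_capture_then_check(char *shared, racer_fn racer) {
    char captured[64];
    strncpy(captured, shared, sizeof captured - 1);
    captured[sizeof captured - 1] = '\0';
    racer(shared);                         /* later rewrites change nothing */
    if (!policy_allows(captured)) return -1;
    original_service(captured);
    return 0;
}

const char *run_weak(void) {
    char buf[64] = "benign.dll";
    hook_check_then_use(buf, swap_name);
    return acted_on;
}
const char *run_hardened(void) {
    char buf[64] = "benign.dll";
    hook_capture_then_check(buf, swap_name);
    return acted_on;
}

int main(void) {
    printf("check-then-use acted on:     %s\n", run_weak());
    printf("capture-then-check acted on: %s\n", run_hardened());
    return 0;
}
```

In the weak hook the policy approves one name and the service acts on another; in the hardened hook the value that was checked is the value that is used.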
We recently posted our annual antivirus shootout in which we compared 10 different AV suites, putting each one through a gauntlet of testing. One thing we found with the poorer performers is that they tended to allow malware to install a fake antivirus scanner on our test bed, imploring us to cough up our credit card to root out the infection. As it turns out, this is a pretty common method of attack.
According to a Google study, fake antivirus popups -- sometimes referred to as scareware -- now account for about 15 percent of all malware that Google detects on websites, which is the result of a 13-month analysis conducted between January 2009 and February 2010.
It's not surprising we saw this first hand. Google's research included studying some 240 million websites, in which the search giant found more than 11,000 domains distributing fake antivirus software. Caveat emptor.
According to security firm BitDefender, there's an unsolicited email making the rounds that promises to keep iPad software updated "for best performance, newer features, and security." Follow the provided link, however, and all you'll get is a Backdoor.Bifrose.AADY infection.
The download page looks exactly like the real iTunes site, but rather than update your iTunes software, the malicious code instead injects itself into the explorer.exe process and opens up a backdoor for miscreants to enter your system and take control of your PC, BitDefender warns.
"Moreover, Backdoor.Bifrose.AADY attempts to read the keys and serial numbers of the various software installed on the affected computer, while also logging the passwords to the victim's ICQ, Messenger, POP3 email accounts, and protected storage," BitDefender said.
We suspect this isn't the last time malware writers target iPad owners, given that Apple has sold over 600,000 tablets already.
Security firm McAfee on Monday issued another apology to the "small percentage of McAfee's consumer customers who [have] an inoperable or severely impaired PC as the result of a faulty file released earlier this month," but is offering more than just lip service this time around.
"For impacted home or home office customers who have incurred costs to repair PCs as a result of the security update issue, McAfee will reimburse reasonable expenses, such as a visit to a local tech support specialist. Details of this program, including steps to submit a reimbursement request, will be posted on the McAfee Web site within a few days, so please check back," McAfee said.
In addition, those same users are eligible for a free two-year extension of their current McAfee subscription. You'll find the extension within the "My Account" section of the McAfee website within the next 30 days, the security firm said.
Some details are leaking out regarding antivirus maker McAfee's assessment of yesterday's buggy update to their corporate security software. The update caused Windows XP machines to crash left and right. The confidential documents were sent to Ed Bott, and paint a picture of poor quality control. The anonymous sender of the email says the error was totally preventable.
The document itself seems to indicate that steps in the testing process were not followed. McAfee requires peer-review of all DAT update files, and apparently that didn't happen. They also inexplicably failed to test the update with Windows XP SP3, the operating system affected by the bug. Just as a reminder, this is an enterprise product. You'd expect special attention to be paid to the QC process.
It's a little telling that McAfee's website has not been updated with any details on the error. Could it be they are working on a way to spin this unflattering evidence into a bad news/good news statement? Businesses definitely are suffering financially from this incident which will likely require techs to make a visit to each and every affected PC. Any reports from the field? Are you seeing clean-up efforts proceed as planned?
Users of McAfee's corporate antivirus product found themselves wrestling with some pretty serious problems today. The most recent DAT update for the antivirus suite caused the scanner to identify the benign Windows svchost.exe file as a virus. The antivirus' course of action is clear; it deletes the file. The result is a lot of crashed PCs and unhappy IT departments. This isn't even the first time McAfee has had an error like this.
When the gravity of the situation was made clear, McAfee pulled the update from their servers and reiterated that it had only been pushed out to machines running the corporate edition of the software. The problem, according to McAfee, mainly affects PCs running XP SP3. Given that a lot of business environments still run on XP, that's a lot of potential machines.
McAfee has issued a "fix", but inexplicably, it only helps those who haven't yet had their machines crash after receiving the update. Currently, the only way for IT departments to fix the issue involves repairing the Windows install manually. Has anyone out there had any experience with this bug today?
We just wrapped up our annual antivirus roundup and already Symantec is looking ahead to next year's release. You can too, now that the security outfit has released public betas for its consumer-based Norton Antivirus 2011 and Norton Internet Security 2011.
"With the Norton 2011 release, we’re determined to continue delivering the fastest and most effective security suite on the market," said Jens Meggers, vice president of engineering for Norton products. "Further to this, our customers are looking for value beyond ‘core security’ and the free new tools we’re bringing to market will keep the Norton community and the community-at-large safer from the cybercriminals who find new ways every day to target people’s identity for a profit."
So what's new in the 2011 versions? Symantec says the latest release introduces Download Insight 2.0, which now applies reputation protection to "virtually every download regardless of client." You'll also find a handful of new tools, such as the Norton Safe Web for Facebook, Norton Power Eraser (targets malicious programs masquerading as legitimate apps), and Norton Bootable Recovery Tool.
Once upon a time, the typical computer virus was annoying, and even a little destructive, but nowhere near as dangerous as what computer users face today. The stakes are much higher now, and if you’re not careful or haven’t taken the proper precautions, you’re a sitting duck for hackers to steal your identity and sell your private information to the highest underground bidder. Imagine waking up to find your bank account drained or your credit destroyed. And lest you think we’re exaggerating, consider that most U.S. military personnel aren’t even allowed to tote USB thumb drives and other removable storage devices anymore because of the potential harm of a virus outbreak.
The solution to all this is to not be caught with your virtual pants around your ankles, and lucky for us, antivirus vendors have stepped up their game with increasingly robust all-in-one security suites. In fact, unlike other technology categories, the field of AV continues to expand rather than consolidate, with an overwhelming number of apps promising protection and unique features. That’s where we come in.
To help you sift through the cruft, we’re going to revisit the latest versions of the antivirus apps that showed the most promise (or have been granted a mulligan) from last year’s roundup (January 2009), and we’ll pit them against five of the most reader-requested antivirus suites we haven’t yet reviewed. You’ll notice we’ve narrowed our focus to only two freebie apps this time around (Avira, last year’s champ, and Microsoft Security Essentials, Redmond’s highly anticipated replacement to Windows Live OneCare), so if you do decide to shell out for paid software, you’ll have a wider variety of suites to compare. If the app you’re interested in isn’t included here, let us know and be on the lookout for individual reviews in future issues.
Users of the Japanese file-sharing service Winny are grappling with a new threat today. Trend Micro is tracking a trojan called Kenzero that steals a user's web history and posts it online until such time as the user pays up. The virus is masquerading as illegal copies of explicit Hentai games, ensuring the affected individuals likely have at least some embarrassing items in their browser history.
The virus appears to be a game installation screen that requests the personal details of the user. It then posts the web history along with the personally identifiable information. Users are confronted with an email or popup demanding 1500 yen (about $16) to "settle your violation of copyright law" and remove the stolen information from the website.
The website the history is published on is owned by a shell company known to be associated with other malware scams. Security experts warn that paying the ransom is unlikely to result in the removal of the information. It's more probable that the malware makers will just sell the card number. Over 5500 users have admitted to being infected. Might be a good time to update your antivirus, in case Kenzero variants spread.