Posted 11/05/09 at 06:19:45 PM by Ryan Whitwam

Security firm Sophos recently took it upon itself to run some tests on Windows 7 sans anti-virus software. Sophos used ten unique viruses found in circulation and attempted to infect Windows 7. While many may have thought this would be a foregone conclusion, they wanted to make a point. Microsoft claims that User Account Control (UAC) is more secure in Windows 7. Does it actually make a difference?

Sure enough, eight out of ten viruses ran without problem on a stock install of Windows 7 without User Account Control. With UAC active, an additional threat was actually blocked, and the other two still failed to run. Overall, UAC didn’t make much difference in virus protection. So yes, you still need to run an anti-virus on Windows 7. There’s been a lot of positive buzz around Redmond’s new release, just don’t let that stuff go to your head. 

Read More

Posted 09/30/09 at 11:15:27 AM by Paul Lilly

Have you checked your bank account balance online lately? If so, you may want to consider verifying the numbers with a paper statement, because what you see on your computer screen might not be indicative of banking activity that's occurring right under your nose, according to a new security report.

Hackers have a new piece of malware to play with, one which not only picks your online pocket, but also hides the evidence of any wrong doing by rewriting online bank statements on the fly. Once the Trojan horse infiltrates a user's PC, it goes to work by altering the HTML coding before it's displayed in the victim's browser, making sure to erase any evidence of money transfers or other unauthorized transactions.

"The Trojan is hooked into your browser and dynamically modifies the text in the HTML," said Yuval Ben-Itzhak, CTO of computer security firm Finjan. "It's a very sophisticated technique."

A gang targeting customers of leading German banks first began employing the ruse in August and managed to steal Euro 300,000 (about $440,000 USD) in just three weeks. Finjan estimates that the gang using the scheme could potentially steal about $7.3 million annually.

While so far relegated to German banks, Ben-Itzhak warned that this technique is likely to spread to other countries.

Cybercrime Intelligence Report, Issue No. 3, 2009 (PDF)

Read More

Posted 09/23/09 at 02:05:09 PM by The Maximum PC Staff

My 6-year-old computer is extremely slow and sometimes takes 20 minutes just to start up. The other day it caught a virus, which masqueraded as a firewall and installed itself onto my computer, changing the background to a picture that said I have spyware on my computer. I tried to open my virus-scan program (AOL) but it would not open. I have tried everything I can think of. I took out my hard drive so that it could not get to my files. Now, I have to use my son’s computer for emails. He is a big gamer so it’s really hard to get in the time to use it. Should I wait for Windows 7 to come out before getting a new computer?

Read the answer to Jim's question after the jump.

Read More

Posted 09/23/09 at 12:37:53 PM by David Murphy

The phrase "open-source" is such a sexy term.

It's so hip and fresh. Open-source singlehandedly represents the latest and greatest thinking in the modern-day technological movement. Drop it into a conversation and you're suddenly talking like a futurist. Throw it into a company's strategic roadmap and suddenly we've created innovation and depth. Suggest that virus-makers are embracing open-source, and you've got the attention (and clicks) of Web geeks worldwide.

Wait a minute. Open-source viruses?  How does that work?

Read More

Posted 08/20/09 at 07:35:14 PM by Pulkit Chandna

Symantec has published a list of the dirtiest 100 websites. The websites are said to contain around 18,000 threats apiece on an average. However, the average number of threats shoots up to 20,000 for the top 40 websites on the list, which has been compiled by Symantec’s Norton Safe Web service. Aladel.net, a US-based websites, alone houses 56,371 threats.

Although almost half of the websites are expectedly based around mature content, the remaining sites deal with a wide variety of subjects. Viruses dominate the list of threats found on these sites. Security risks and browser exploits are the other common threats found on them.  The owners of the websites that figure on the list must be feeling a sense of elation and achievement. As for the rest of us, we now know which sites not to visit.

Read More

Posted 06/28/09 at 03:28:41 PM by Justin Kerr

Google has confirmed that the error messages people received on Thursday when searching for details of Michael Jackson’s death, was initially perceived as an attack. Searches between 2:45 and 3:15pm were returned with "We're sorry, but your query looks similar to automated requests from a computer virus or spyware application. To protect our users, we can't process your request right now."

The error messages lasted for about 25 minutes on Thursday, just long enough for Google to confirm what was actually going on. The search giant noted that the amount of traffic it saw on this topic was unprecedented, as millions around the world scrambled for accurate information, seemingly all at once. Yahoo has also confirmed that it hit an all-time record for unique visitors with over 16.4 million following the story. This blows away the previous record held by the Obama election day, with a paltry 15.1 million uniques.

The outpouring of sympathy online has been astonishing, and I’m sure Google will learn its lesson on this one.

Read More

Posted 05/25/09 at 04:30:00 PM by Paul Lilly

First detected back in March, the 'Gumblar' attacks have been gaining steam lately, growing by as much as 188 percent in just a single week, ScanSafe warned. Gumblar refers to a Web attack that plants malicious scripts on normally legitimate websites, which then redirects Google search results on victims' PCs.

"A typical series of website compromises reaches peak within the first week or so and subsequently begins declining in intensity as detection is added by signature vendors, user awareness increases and website operators begin cleaning the affected sites," ScanSafe senior security researcher Mary Landesman, said late last week in an advisory.

In Gumblar's case, the opposite has been true, a result of website administrators being affected by the attacks. According to ScanSite, some well known sites have fallen prey to Gumblar include Tennis.com, Variety.com, and Coldwellbanker.com.

Keep those virus definitions up to date, and if you haven't done so already, look into installing an AV app.

Read More

Posted 04/29/09 at 08:41:58 AM by Paul Lilly

After nearly three years of development, Panda Security today released the public beta of its Panda Cloud Antivirus, which the company claims is the first free cloud-based antivirus thin-client. By taking AV duties to the cloud and combining it with local detection technologies, Panda says it can do a better job at protecting your PC than a traditional virus scanner.

"Thanks to Panda Security's Collective Intelligence malware and goodware online database, Panda Cloud Antivirus detects more malware than traditional signature-based solutions which take longer to detect the most recent, and therefore most dangerous, variants," Pedro Bustamanta, Panda Senior Research Advisor, wrote in a blog entry.

The local portion of the program takes up roughly 50MB of hard drive space while consuming about 17MB of RAM, according to a Cnet report. By the time Panda Cloud Antivirus exits the beta stage, Bustamante hopes to have the RAM consumption down to 12MB.

One potential downside to relying on the cloud for antivirus protection is that your PC would be left vulnerable without an internet connection. But not to worry, says Bustamante, who clarified that a local cache copy of Collective Intelligence is kept on the PC for just such scenarios.

Panda Cloud Virus Download (Beta)

Read More