anti virus http://www.maximumpc.com/taxonomy/term/6237/ en Java Continues to be Hackers' Darling http://www.maximumpc.com/article/news/java_continues_be_hackers_darling <!--paging_filter--><p><img src="/files/u46168/8228.clip_image002_thumb_059abbb9.jpg" width="228" height="173" style="float: right;" />Java’s ubiquity combined with its propensity to stay out of date on a large chunk of its install base makes it an ideal target for hackers. This is enough to ensure that whenever the subject of third-party software vulnerabilities crops up for discussion Java is somewhere at the top of the ensuing list of those most vulnerable. According to the latest volume of Microsoft’s <a href="http://www.microsoft.com/security/sir/default.aspx">Security Intelligence Report</a>, Java was responsible for the largest number of attacks in the first half of 2011.</p> <p>During this period, attackers mounted millions of attacks to exploit the large number of vulnerabilities present in Java Runtime Environment (JRE), Java Virtual Machine (JVM), and Java SE in the Java Development Kit (JDK). If we go back even further to the start of the third quarter of 2010, Microsoft’s antimalware technologies came face to face with as many as 27 million attacks targeting Java vulnerabilities from then to the end of the second quarter of 2011. That leaves us with a quarterly average as high as 6.9 million during that one year period.</p> <p>“Many of the more commonly exploited Java vulnerabilities are several years old, and have had security updates available for them for years,” wrote Tim Rains, a director at Microsoft's Trustworthy Computing Group, in a <a href="http://blogs.technet.com/b/security/archive/2011/11/28/millions-of-java-exploit-attempts-the-importance-of-keeping-all-software-up-to-date.aspx">blog post</a> Tuesday. 
“This illustrates that once attackers develop or buy the capability to exploit a vulnerability, they continue to use the exploit for years, presumably because they continue to get a positive return on investment.”</p> http://www.maximumpc.com/article/news/java_continues_be_hackers_darling#comments anti virus antimalware AV hackers Java microsoft Microsoft Security Essentials microsoft security intelligence report Security News Wed, 30 Nov 2011 12:10:33 +0000 Pulkit Chandna 21553 at http://www.maximumpc.com New Malware Breaks Windows 64-Bit PatchGuard, Inexplicably Targets Mac OS X http://www.maximumpc.com/article/news/new_malware_breaks_windows_64-bit_patchguard_inexplicably_targets_mac_os_x <!--paging_filter--><p><img src="/files/u138055/broken_windows.png" width="228" height="228" style="float: right;" />Windows PCs don't exactly have a reputation for security, but Microsoft's trying to change that. When smug know-it-alls claim that Windows PCs have more viruses than a public toilet, Microsoft points to the PatchGuard driver signing system on 64-bit Windows as their way of saying "Nuh-uh!" PatchGuard keeps the baddies from getting high-level privileges on Windows machines. Bad news: Kaspersky's reporting that a new malware program that targets Windows 64-bit users has figured out a way around the protection.</p> <p>The malware is part of the popular BlackHole Exploit Kit and infects computers through vulnerabilities in Java and Adobe Reader, two third-party programs that basically everybody has on their computer. <a href="http://www.securelist.com/en/blog?print_mode=1&amp;weblogid=473">Kaspersky reports</a> that once Rootkit.Win64.Necurs.a gets its foot in the door, it starts downloading those annoying fake antivirus programs – you know, the "OMG! Your computer has umpteen million infected files! Click here to buy a fix!" type. 
The downloader gets around the Windows 64-bit protection by activating a driver test command that keeps PatchGuard from slamming on the brakes.</p> <p>An interesting tidbit: one of the fake antiviruses the program tries to download is Hoax.OSX.Defma.f, a fake antivirus for Mac OS X. Obviously, it won't work, being downloaded to a 64-bit Windows computer and all, but it points to a not-quite-so-obscure, post-Mac Defender future for Mac users.</p> http://www.maximumpc.com/article/news/new_malware_breaks_windows_64-bit_patchguard_inexplicably_targets_mac_os_x#comments 64-bit anti virus kapersky malware OS X patchguard virus Windows News Mon, 06 Jun 2011 17:38:37 +0000 Brad Chacos 18887 at http://www.maximumpc.com Is Chrome OS An Impregnable Fortress? Not According to Trend Micro http://www.maximumpc.com/article/news/chrome_os_impregnable_fortress_not_according_trend_micro <!--paging_filter--><p><img src="/files/u46168/chrome-os-security.jpg" width="350" style="float: right;" />Google is confident that its cloud-based <a href="http://googleblog.blogspot.com/2011/05/new-kind-of-computer-chromebook.html">Chrome OS will change the computer security landscape beyond recognition.</a> That the many layers of security built in to the operating system will be enough to render third-party anti-virus solutions useless. That you will no longer have to “spend hours fighting your computer to set it up and keep it up to date.” But not everyone - least of all computer security companies - is convinced.&nbsp;</p> <p>One of the skeptics, Rik Ferguson, director of security research at Trend Micro, has dismissed Google’s security promises as “media friendly” hogwash while comparing them to similar claims from Apple: “While I applaud the impressive advances in security that are apparent in Chrome OS, to a certain extent we are seeing marketing history repeat itself. 
How often did the mantra that MacOS was immune to malware need to be repeated until the vast majority of users believed it and continue to do so, even after Apple went as far as incorporating rudimentary AV software into MacOS?”</p> <p>In a recent&nbsp;<a href="http://countermeasures.trendmicro.eu/so-secure-we-dont-need-security/">blog post</a>, Ferguson tersely touched upon Chrome’s key security features, including sandboxing, automatic updates, complete absence of desktop apps, cloud-based data storage, and the ability to seamlessly revert back to the last known good state when an anomaly is detected.</p> <p>He then proceeded to focus on some of the possible workarounds that malware vendors are likely to employ. Ferguson feels that as hackers are likely to find new ways of circumnavigating the sandbox itself, it would be “short-sighted” to completely rely on sandboxing technology even when it is as effective as Chrome’s.</p> <p>He further wrote, “As regards the notion of the operating system always reverting to a known good state at reboot and the security afforded by encrypted data being stored in Google’s cloud, well surely that’s just moving the goalposts for the bad guys.”</p> <p>“If I can infect you for one session and steal your keys, well then I’ll get what I can while I’m in there and then continue accessing your stuff in the cloud, after all I’ve got your keys now, I don’t need your PC anymore.”</p> <p>Even though it’s not too surprising to see Trend Micro having a problem with Google’s assertion, it does have a point in that no operating system is impregnable and that Chrome OS will, over time, have its fair share of security issues - just a case of how they manifest themselves.&nbsp;</p> <p>All said, the cloud-based operating system is likely to make things a bit more complicated for malware authors. It’s also just as important to acknowledge the great job that Google has done in making Chrome one of the safest web browsers out there. 
It now needs to keep up the good work.</p> <p>&nbsp;</p> http://www.maximumpc.com/article/news/chrome_os_impregnable_fortress_not_according_trend_micro#comments anti virus chrome os chromebook chromebox cloud malware netbook operating system OS Security Software Trend Micro News Sat, 28 May 2011 00:53:24 +0000 Pulkit Chandna 18765 at http://www.maximumpc.com For the Mac Fans: Windows Gets Malware, Too http://www.maximumpc.com/article/news/mac_fans_windows_gets_malware_too <!--paging_filter--><p><img src="/files/u138055/computer_virus.jpg" width="228" height="228" style="float: right;" />It's true, we've been giving Apple a lot of grief recently over the whole Mac Defender thing. While it's fun to watch Mac fanatics squirm so much over a fairly straightforward malware infection, if we're being honest, the only reason us Windows users are so cynical and jaded in the first place is because we've all dealt with a nasty infection or two ourselves. But just how prevalent is malware on Microsoft systems? A post on Microsoft's Threat Research &amp; Response Blog earlier in the week gives us a glimpse at some of the numbers.</p> <p>In the post, <a href="http://blogs.technet.com/b/mmpc/archive/2011/05/25/microsoft-safety-scanner-detects-exploits-du-jour.aspx">Scott Wu and Joe Faulhaber cite some statistics</a> from the company's newly updated Microsoft Security Scanner. The tool was downloaded almost 420,000 times in the seven days after the update, and it detected 20,097 infected computers in its scans. That's roughly 1 in 20 computers. While a 5 percent infection rate isn't good, it certainly doesn't support the conception that some people have of Windows machines being overrun with viruses and OMG h@x0rs left and right.</p> <p>In case you were wondering, each infected machine had an average of 3.5 threats found, with Java exploits being far and away the most common cause. Five of the top six most common infections were Java exploits. 
</p> http://www.maximumpc.com/article/news/mac_fans_windows_gets_malware_too#comments anti virus malware microsoft Operating Systems Windows News Fri, 27 May 2011 19:32:35 +0000 Brad Chacos 18759 at http://www.maximumpc.com Kaspersky Internet Security 2011 Review http://www.maximumpc.com/article/reviews/kaspersky_internet_security_2011_review <!--paging_filter--><h3>Offers more protection than a pack of pit bulls</h3> <p>A part of us wishes Kaspersky Internet Security 2011 came bundled with its own <a href="http://bit.ly/1xtkVT" target="_blank">aluminum foil deflector beanie</a>, because it’s the only thing missing from what’s otherwise the ultimate package for paranoid PC users. Put another way, running Kaspersky is like sitting in a panic room behind a three-inch steel-frame door with multiple deadlocks, and toting a sawed-off shotgun just for good measure. Do you see where we’re going?</p> <p><a class="thickbox" href="http://dl.maximumpc.com/galleries/1010_reviews/kasp_full.jpg"><img src="http://dl.maximumpc.com/galleries/1010_reviews/kasp_405.jpg" alt="" width="405" height="299" /></a><br /><strong>Underneath Kaspersky's unassuming UI sits a whirlwind of protection.</strong></p> <p>Out of the box, Kaspersky comes ready to throw down with any malware feeling froggy enough to jump. Almost as if trying to prove a point, Kaspersky wouldn’t even allow us to visit our synthetic spyware site (<a href="http://www.spycar.org" target="_blank">www.spycar.org</a>) until we configured the web module to chilax and let us poke our head into suspicious web portals. 
Not that it mattered, because Kaspersky was unfazed by each of Spycar’s attempts to hijack our browser and simulate other malicious behavior.</p> <p>We again had to disable the web module in order to download our dirty archive brimming with real malware, and once more Kaspersky shrugged off our shenanigans by keeping the lid tightly closed no matter how hard we tried to open it.</p> <p>This is only the half of it, folks. All of our testing was performed with Kaspersky’s default security settings. Digging through the plain-English UI, we found that we could increase the security level for File, Mail, and Web from medium to high. Kaspersky only offers vague descriptions as to what these levels do, but the way it performed at default, we wouldn’t be surprised if increasing security to high resulted in Kaspersky sending a security consultant to your home to watch over your shoulder.</p> <p>All this and we’ve still only scratched the surface. Do you have a sneaky suspicion that Bob from accounting installed a keylogger on your machine, but you just can’t prove it? Kaspersky includes a virtual keyboard to prevent Bob, or foreign hackers, from recording your keystrokes as you log into banking sites or anywhere else you want extra peace of mind. If your paranoia runs even deeper, Kaspersky’s “Safe Run for Websites” option adds an additional layer of protection to your surfing session, sort of like a souped-up private browsing session. Cookies, history, and other details are kept secluded from the OS so they can’t be exploited, and then are nuked when you exit the browser.</p> <p>Kaspersky’s Safe Run feature also extends to the desktop. If you’re unsure about that screensaver you just downloaded, the Safe Run option—found in the right-click context menu—runs the program in a virtual environment. 
This sandbox mode isolates the potentially unsavory app from making changes to the OS, and adds a layer of privacy—IMs, emails, and other communications are deleted once you exit the app.</p> <p>On top of all these security shields, Kaspersky rounds out its package with a toy box of tools that includes a downloadable ISO to create a rescue CD or USB key, a vulnerability scan to alert you to potential security holes with your system/programs, a privacy cleaner (vacuums up your various caches), and a browser diagnostic for IE users. There’s even a system restore utility that searches for problems caused by malware and then offers to roll back changes, but if you manage to circumvent Kaspersky’s protection in the first place, then you’re doing something seriously wrong.</p> http://www.maximumpc.com/article/reviews/kaspersky_internet_security_2011_review#comments 2011 anti virus AV internet security kaspersky reviews Software Software 2010 Utilities November 2010 Reviews From the Magazine Mon, 15 Nov 2010 19:35:42 +0000 Paul Lilly 15073 at http://www.maximumpc.com PC Tools Internet Security 2010 Review http://www.maximumpc.com/article/reviews/pc_tools_internet_security_2010_review <!--paging_filter--><h3>Light on features, heavy on protection, and priced just right</h3> <p>It’s been almost two years since we last looked at a security product from PC Tools—<a href="http://www.maximumpc.com/article/features/protect_your_pc_from_guys_like_this?page=0%2C0" target="_blank">PC Tools Antivirus Free Edition</a>—and the experience left such a bad taste in our mouths that we knew exactly how Will Ferrell felt when he was forced to lick a pile of white dog doo-doo in the movie Step Brothers. Yes, it was that bad.</p> <p>This time around, the experience was measurably more palatable, which is to say it was a lot less like eating dung and more like ordering from the value menu. 
At $50 for a one-year license, PC Tools will protect up to three PCs and ranks as one of the more affordably priced security suites we’ve dined on this year. If your Google-fu is up to snuff, coupon codes abound, knocking the price down by as much as 30 percent. That comes out to only $35, folks, making this the poor man’s security suite. As such, PC Tools stuffs a comparatively meager feature-set into the box, consisting of an antivirus scanner, spyware module, anti-spam controls, and a firewall. Noticeably absent are some of the side entrees other security vendors embellish their AV suites with, including parental controls, file shredders, identity safeguards, cloud storage, and various other garnishes.</p> <p><a class="thickbox" href="/files/u90693/pctools_full.jpg"><img src="/files/u90693/pctools_405.jpg" alt="" width="405" height="258" /></a><br /><strong>Not a whole lot of changes were made to the UI, but underneath the hood lies a vastly improved scan engine.</strong></p> <p>Given how poorly it performed in the past, we braced ourselves for the worst, especially when the program implored us with a pop-up to disable Windows Defender—no other security suite has ever asked us to do that. But unlike last time, PC Tools didn’t cower in the corner when we dumped a dirty archive onto our test bed’s desktop. Instead, PC Tools identified all of our contaminated files, and passed our synthetic spyware (<a href="http://www.spycar.org" target="_blank">www.spycar.org</a>) and virus (<a href="http://www.eicar.org" target="_blank">www.eicar.org</a>) tests with flying colors. It also did a serviceable job at warning against and blocking us from visiting booby-trapped websites. From strictly a protection standpoint, PC Tools certainly has the muscle to keep malware at bay.</p> <p>What it doesn’t have is a sprightly scan engine. 
A full scan took a little more than 13 minutes, which isn’t egregious, but subsequent scan times barely improved, plodding along at nearly 10 minutes to sweep through our hard drive on a second run. To put that into perspective, Comodo, our current speed champion, bolted through a subsequent scan in just one minute, 11 seconds. The trick is in caching files that haven’t changed or are otherwise deemed safe, and PC Tools’ performance in this area is merely average.</p> <p>Out of the box, PC Tools comes ready to rock and doesn’t require much, if any, tinkering. Should you want to tailor the suite to your liking, drilling down to the advanced settings takes just a couple of mouse clicks and most of the knobs and dials are clearly labeled. We’re especially impressed with the firewall, which monitors both inbound and outbound traffic and lets you adjust settings for each of those individually by application. There’s also a Game Mode, which suppresses pop-ups and other interruptions when using your PC in full-screen mode.</p> <p>PC Tools has improved by leaps and bounds over where we last left off and is a good overall option for full-fledged security on the cheap.</p> http://www.maximumpc.com/article/reviews/pc_tools_internet_security_2010_review#comments 2010 anti virus app AV internet security PC Tools reviews Software Software 2010 Utilities Reviews September 2010 From the Magazine Mon, 09 Aug 2010 19:26:16 +0000 Paul Lilly 13856 at http://www.maximumpc.com Hackers Adulterate Google Video Search Results with Malware http://www.maximumpc.com/article/news/hackers_adulterate_google_video_search_results_with_malware <!--paging_filter--><p>After <a href="/article/news/online_scammers_using_obamas_site_spread_trojan">Obama’s website</a>, black hats have now managed to sow the <a href="http://www.theregister.co.uk/2009/02/02/google_video_search_poisoned/">seeds of deceit in Google video search results</a>. 
Security firm <a href="http://blog.trendmicro.com/google-video-searches-being-poisoned/">Trend Micro</a> has discovered that about 400,000 queries trigger Google Video search results that “have a single redirection point, and one that eventually leads to malware download and execution.” The black hats have been able to manipulate search results to their advantage using simple SEO techniques. For this purpose, they have reserved several domains and populated them with keywords.</p> <p>According to Trend Micro, the malware executable, dubbed WORM_AQPLAY.A, proliferates using removable and network drives. The malware executable is disguised as an Adobe Flash installer. The malware only prompts the user to download the malicious Flash installer when he reaches one of the malefic video websites being run by the black hats.</p> <div style="text-align: center"><img src="/files/u46168/google-video-frame-search.jpg" width="400" height="246" /></div> <p><em>Image Credit: Googlified </em></p> http://www.maximumpc.com/article/news/hackers_adulterate_google_video_search_results_with_malware#comments anti virus Attack hackers obama seo threat News Tue, 03 Feb 2009 14:07:46 +0000 Pulkit Chandna 5136 at http://www.maximumpc.com Malware Threat to iPhone, Android to Rise in 2009, Says ESET http://www.maximumpc.com/article/news/malware_threat_iphone_android_rise_2009_says_eset <!--paging_filter--><p>It is common knowledge that smartphones are fast emerging as a dainty prey for malware proliferators. But a recent press release by IT security firm ESET, which <a href="http://www.sourcewire.com/releases/rel_display.php?relid=44416&amp;hilite=">spelled out some of the potential threats in 2009</a>, might have iPhone and Android users worried in particular.</p> <p>ESET warned in the press release that it expects both the iPhone and Android to become more vulnerable to malware. 
The company also expects both the smartphone platforms to fall prey to mobile browser exploits that might target their WebKit-based browsers.</p> <p>The security firm has prognosticated an increase in fake antivirus extortion in 2009. “Some of the major antivirus companies have seen their websites spoofed over the last couple of months,” according to David Harley, Director of Malware Intelligence at ESET. The real threat lies in the fact that internet charlatans are leaving no stone unturned in their bid to appear as credible as possible. </p> <div style="text-align: center"><img src="/files/u46168/iphone_virus0.jpg" width="400" height="316" /></div> <p><em>Image Credit: MondoTechBlog </em></p> http://www.maximumpc.com/article/news/malware_threat_iphone_android_rise_2009_says_eset#comments android anti virus apple eset Google iphone malware Security Software Software News threat virus News Tue, 30 Dec 2008 14:08:15 +0000 Pulkit Chandna 4684 at http://www.maximumpc.com