Mamutu 3.0 – 1 year subscription for free (GOTD)

How safe is your PC really?

To put it succinctly: Why signature-based security software is not enough

Normal security software recognizes Malware using Signatures, a type of digital fingerprint. What is problem with this? No fingerprint means no recognition. This means that the Malware must first be known to the manufacturer of the security software before it is possible to create a fingerprint allowing it to be recognized. The fingerprint database on your PC is then updated online on a daily basis. Only then can the Malware be recognized.

 

You are probably now thinking: “What about new Malware that manufacturer of the security software has never seen? They have no way of making a fingerprint of this…”. Exactly!

This is where the behavior-based Malware defense of Mamutu comes into play. It does not use a fingerprint to recognize dangerous software but rather on the basis of the behavior of the software. This allows Mamutu to recognize new Malware long before the signature databases have been updated. These types of Malware attacks are known as Zero-Day attacks. In addition to this, behavior-based Malware recognition is the only efficient way of recognizing Malware that has been built for a single specific attack, e.g. for industrial espionage.

 

The perfect security enhancement

Mamutu recognizes and reports the following types of behavior:

• Backdoor related behavior
• Spyware related behavior
• HiJacker related behavior
• Worm related behavior
• Dialer related behavior
• Keylogger related behavior
• Trojan Downloader related behavior
• Injection of code into other programs
• Manipulation of programs (patching)
• Invisible installations of software
• Invisible Rootkit processes
• Installation of services and drivers
• Creation of Autostart entries
• Manipulation of the Hosts file
• Changes of the browser settings
• Installation of debuggers on the system
• Simulated mouse and keyboard activity
• Direct disk sector access on harddisk
• Changes of the system group policies [NEW!]

 

Full control over internal system activities

You can now decide for yourself what programs are allowed to start on your PC and what actions may be performed. Detailed application rules are now available, allowing you to individually specify the permitted behavior of every application:

• Monitor application, but allow specific activities
  Select this option to always allow particular specific behavior of a program. In certain situations a benign program can contain a function that is very similar to a damaging function and is thus reported. If you are sure that this action is actually not dangerous then you can allow it. All other types of dangerous behavior are still reported.
• Always block this application
  Select this option to permanently block a particular program. You can also use this feature to provide child protection by preventing other PC users from starting a particular application.
• Exclude from protection
  Select this option to completely exclude an application from the monitoring process. Use this when you always trust an application and are sure that it does not execute any damaging actions.

 

Bonus feature: Application protection

You can use the application rules to protect specific programs from third-party manipulation. For example, this feature is used to prevent Mamutu from being terminated by Malware in order to disable the protection. You can also make use of this feature. You can protect your Browser and other important programs from being illegally terminated.

 

 

The program is available for $27.00 (1-year subscription), but it will be free for a limited-time offer by giveawayoftheday.com.

 

Download Mamutu 3.0 now

 

 

 

Symantec Loves VIPRE

Our good friends over at Symantec love VIPRE so much, they’ve decided to use the logo in their new marketing campaign!

 

 

We prefer our colors, of course (I like blue) but otherwise, not a bad copy of our logo.

 

 

Imitation is the sincerest form of flattery!

 

Alex Eckelberry -  GFI

 

The Web Security Strategy for Your Organization

In today’s business world, internet usage has become a necessity for doing business.  Unfortunately, a company’s use of the internet comes with considerable risk to its network and business information.

 

Web security threats include phishing attacks, malware, scareware, rootkits, keyloggers, viruses and spam.  While many attacks occur when information is downloaded from a website, others are now possible through drive-by attacks where simply visiting a website can infect a computer.  These attacks usually result in data and information leakage, loss in productivity, loss of network bandwidth and, depending on the circumstances, even liability issues for the company.  In addition to all this, cleanup from malware and other types of attacks on a company’s network are usually costly from both the dollar aspect as well as the time spent recovering from these web security threats.

 

Fortunately, there are steps a company can take to protect itself from these web security threats.  Some are more effective than others, but the following suggestions should help narrow down the choices.

 

 

 

Employee internet usage policy

The first and probably the least expensive solution would be to develop and implement an employee internet usage policy.  This policy should clearly define what an employee can and cannot do when using the internet.  It should also address personal usage of the internet on the business computer.  The policy should identify the type of websites that can be accessed by the employee for business purposes and what, if any, type of material can be downloaded from the internet.  Always make sure the information contained in the policy fits your unique business needs and environment.

 

 

Employee education

Train your employees to recognize web security threats and how to lower the risk of infection.  In today’s business environment, laptops, smartphones, iPads, and other similar devices are not only used for business purposes, but also for personal and home use.  When devices are used at home, the risk of an infection on that device is high and malware could easily be transferred to the business network. This is why employee education is so important.

 

 

Patch management

Good patch management practices should also be in place and implemented using a clearly-defined patch management policy.  Operating systems and applications, including browsers, should be updated regularly with the latest available security patches. The browser, whether a mobile version used on a smartphone or a full version used on a computer, is a primary vector for malware attacks and merits particular attention. Using the latest version of a browser is a must as known vulnerabilities would have been addressed

 

 

Internet monitoring software

Lastly, I would mention the use of internet monitoring software.  Internet monitoring software should be able to protect the network against malware, scareware, viruses, phishing attacks and other malicious software.  A robust internet monitoring software solution will help to enforce your company’s internet usage policy by blocking connections to unacceptable websites, by monitoring downloads, and by  monitoring encrypted web traffic going into and out of the network.

 

There is no single method that can guarantee 100% web security protection, however a well thought-out strategy is one huge step towards minimizing risk that the network could be targeted by the bad guys.

 

 

This guest post was provided by Sean McCreary on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. More information: GFI web security software.

 

All product and company names herein may be trademarks of their respective owners.

Free Apple iTunes Giftcard scam spreads on Facebook

Get the New NORMAN Malware Cleaner for Free Today

 

Use our free and newly improved Malware Cleaner tool to scan and clean your computer from viruses, trojans and other types of malware. This simple and user friendly tool not only detects malicious software but also removes them from your computer.

 

What are the most common symptoms of an infected computer?

• Freezing or sudden restarts – Your computer behaves unexpectedly during normal use
• Unusual updates by you on Facebook or Twitter – Especially after you’ve clicked on a link that appeared not to work or installed a new application
• Emails you didn’t send – Your friends tell you they’ve received emails you didn’t send

 

If you suspect your computer might be infected, download and run the new Malware Cleaner for free today!

 

Remember: the Malware Cleaner is a solution when your computer is already infected. Keeping safe requires a security
solution that protects your computer from malicious software. The easiest and most efficient way to protect your online
identity and your computer against these threats is an antivirus software or an all-in-one security solution. If you don’t
have one, your computer might be infected without you knowing about it.

 

Key features

• Easy to install and run
• Detect and Remove malware (viruses, Rootkit’s, FakeAV, worms and more)
• Utilize advanced Anti-Rootkit technology
• Quarantine module to process the detected files
• Deep scan and cleaning including Norman patented Norman SandBox technology
• Supports Quick- and Deep Scan mode
• New command line function for better tailor scanning across several machines (businesses)
• Daily signature updates available

 

Supported operating systems: Windows 98, Me, NT, 2000, XP, 2003, Vista, 2008 and 7.

 

 

Download Norman Malware Cleaner.exe (139 MB)

 

 

 

Facebook changes privacy settings for millions of users – facial recognition is enabled

When Facebook revealed last year it was introducing facial recognition technology to help users tag their friends in photographs, they gave the functionality to North American users only.

 

Most of the rest of us found the option in our privacy settings was “not yet available”, which meant we could neither enable or disable it. We simply had to wait until Facebook decided to roll it out to our account.

 

Well, now might be a good time to check your Facebook privacy settings as many Facebook users are reporting that the site has enabled the option in the last few days without giving users any notice.

 

There are billions of photographs on Facebook’s servers. As your Facebook friends upload their albums, Facebook will try to determine if any of the pictures look like you. And if they find what they believe to be a match, they may well urge one of your Facebook friends to tag it with your name.

 

The tagging is still done by your friends, not by Facebook, but rather creepily Facebook is now pushing your friends to go ahead and tag you.

 

Remember, Facebook does not give you any right to pre-approve tags. Instead the onus is on you to untag yourself in any photo a friend has tagged you in. After the fact.

 

If this is something you’re uncomfortable with, disable “Suggest photos of me to friends” now.

 

Here’s how you do it.

 

* Go to your Facebook account’s privacy settings.

 

* Click on “Customise settings”.

 

* Under “Things others share” you should see an option titled “Suggest photos of me to friends. When photos look like me, suggest my name”.

 

* Unfortunately at this point you can’t tell whether Facebook has enabled the setting or not, you have to dig deeper..

 

* Click on “Edit settings”.

 

 

* If Facebook has enabled auto-suggestion of photo tags you will find the option says “Enabled”.

 

 

* Change it to “Disabled” if you don’t want Facebook to work that way.

 

* Press “OK”.

 

Earlier this year, Sophos wrote an open letter to Facebook. Amongst other things, we asked for “privacy by default” – meaning that there should be no more sharing of information without users’ express agreement (OPT-IN).

 

Unfortunately, once again, Facebook seems to be sharing personal information by default. Many people feel distinctly uncomfortable about a site like Facebook learning what they look like, and using that information without their permission.

 

Most Facebook users still don’t know how to set their privacy options safely, finding the whole system confusing. It’s even harder though to keep control when Facebook changes the settings without your knowledge.

 

The onus should not be on Facebook users having to “opt-out” of the facial recognition feature, but instead on users having to “opt-in”.

 

Yet again, it feels like Facebook is eroding the online privacy of its users by stealth.

 

If you are on Facebook and want to keep yourself informed about the latest news from the world of internet security and privacy you could do a lot worse than join the Sophos Facebook page where we regularly discuss these issues and best practice.

 

You should also take some time to read our step-by-step advice on how best to configure your Facebook privacy settings.

 

 

By Graham Cluley @ http://nakedsecurity.sophos.com/

 

Sony Europe hacked by Lebanese hacker… Again

By my count this is unlucky hack number 13 for Sony. A Lebanese hacker known as Idahc dumped another user database at Sony Europe containing approximately 120 usernames, passwords (plain text), mobile phone numbers, work emails and website addresses.

The attacker claims that he used standard SQL injection techniques to acquire the database. I think it is fair to say it appears that Sony has not learned anything from the previous 12 attacks.

 

SQL injection flaw? Check. Plain text passwords? Check. People’s personally identifiable information totally unprotected? Check.

 

Idahc is the same attacker who targeted the Canadian Sony Ericsson site in May, 2011. In his note on pastebin he states: “I was Bored and I play the game of the year : ‘hacker vs Sony’.” He posted the link to pastebin with the simple note “Sony Hacked: pastebin.com/OMITTED lol.”

 

If you are a database administrator (especially a Sony one) and want to avoid your sensitive data from ending up in the headlines I recommend you actually test your web applications for SQL vulnerabilities.

 

A great resource with detailed information on how to protect against SQL injection attacks is available at codeproject.com.

 

You can also download our free technical paper Securing Websites.

By Chester Wisniewski @ nakedsecurity.sophos.com

 

WARNING – Facebook Dislike button spreads fast, but is a fake – watch out!

Don’t be too quick to click on links claiming to “Enable Dislike Button” on Facebook, as a fast-spreading scam has caused problems for social networking users this weekend.

 

Messages claiming to offer the opposite to a like button have been appearing on many Facebook users’ walls:

Facebook now has a dislike button! Click 'Enable Dislike Button' to turn on the new feature!

 

Like the “Preventing Spam / Verify my account” scam which went before it, the scammers have managed to waltz past Facebook’s security to replace the standard “Share” option with a link labelled “Enable Dislike Button”.

The fact that the “Enable Dislike Button” link does not appear in the main part of the message, but lower down alongside “Link” and “Comment”, is likely to fool some users into believing that it is genuine.

 

Clicking on the link, however, will not only forward the fake message about the so-called “Fakebook Dislike button” to all of your online friends by posting it to your profile, but also run obfuscated Javascript on your computer.

 

The potential for malice should be obvious.

 

As we’ve explained before, there is no official dislike button provided by Facebook and there isn’t ever likely to be. But it remains something that many Facebook users would like, and so scammers have often used the offer of a “Dislike button” as bait for the unwary.

 

Here’s another example that is spreading, attempting to trick you into pasting JavaScript into your browser’s address bar, before leading you to a survey scam:

 

If you use Facebook and want to learn more about spam, malware, scams and other threats, you should join the Sophos Facebook page where we have a thriving community of over 80,000 people.

By Graham Cluley @ nakedsecurity.sophos.com

WARNING: Dad catches daughters on webcam – spreading fast on Facebook

Facebook is being hit by another viral message, spreading between users’ walls disguised as a link to a saucy video.

 

The messages, which are spreading rapidly, use a variety of different links but all claim to be a movie of a dad catching his daughters making a video on their webcam:

 

[VIDEO] DAD CATCHES DAUGHTERS ON WEBCAM [OMGGGG].AVI
[LINK]
two naughty girls get caught in the WORST moment while making a vid on their webcam! omg!!

 

The messages also tag some of the victims’ Facebook friends, presumably in an attempt to spread the links more quickly across the social network.

 

If you make the mistake of clicking on the link you are taken to a webpage which shows a video thumbnail of two scantily clad young women on a bed. The page urges you to play the video, however doing so will post the Facebook message on your own wall as a “Like” and pass it to your friends.

 

Unfortunately, the new security improvements announced by Facebook this week fail to give any protection or warning about the attack.

 

 

When I tested the scam I was presented with a (fake) message telling me that my Adobe Flash plugin had crashed and I needed to download a codec.

 

Users should remember that they should only ever download updates to Adobe Flash from Adobe’s own website – not from anywhere else on the internet as you could be tricked into installing malware.

 

Ultimately, you may find your browser has been redirected to a webpage promoting a tool for changing your Facebook layout, called Profile Stylez and – on Windows at least – may find you have been prompted to install a program called FreeCodec.exe which really installs the Profile Stylez browser extension.

 

 

 

It’s certainly disappointing to see Facebook’s new security features fail at the first major outbreak – clearly there’s much more work which needs to be done to prevent these sorts of messages spreading rapidly across the social network, tricking users into clicking on links which could be designed to cause harm.

 

If you use Facebook and want to learn more about spam, malware, scams and other threats, you should join the Sophos Facebook page where we have a thriving community of over 80,000 people.

 

By Graham Cluley @ nakedsecurity.sophos.com

Verify My Account Spam Runs Rampant On Facebook