GFI WebMonitor – Web Security and Internet Access Control Software

Most of companies want able to monitor and control user access to the Network and the Internet, GFI Software has a solution that can help you meet there need. Available as a standalone proxy version or as a dedicated plug-in for organizations that have deployed Microsoft ISA Server, GFI WebMonitor is a great, policy-based Web monitoring, filtering, scanning and control solution.

 

Read more

Bitdefender Safego The New Social Network Protection

Posts on your wall, comments from friends, status updates. These are the tools that help you build your online social interactions. But don’t forget that your online social life relies on a crucial ingredient: your friends’ trust in you. So why let infected links, spam or deftly crafted scams step in and spoil your fun? After all, we’ve all had enough of the “see who viewed your profile” tricks and of its countless siblings.

 

Using in-the-cloud scanning, Bitdefender Safego protects your social network account from all sorts of e-trouble: scams, spam, malware and private data exposure. But, most importantly, Safego keeps your online friends safe and …close.

 

 

To install the app Click Here

Mamutu 3.0 – 1 year subscription for free (GOTD)

How safe is your PC really?

To put it succinctly: Why signature-based security software is not enough

Normal security software recognizes Malware using Signatures, a type of digital fingerprint. What is problem with this? No fingerprint means no recognition. This means that the Malware must first be known to the manufacturer of the security software before it is possible to create a fingerprint allowing it to be recognized. The fingerprint database on your PC is then updated online on a daily basis. Only then can the Malware be recognized.

 

You are probably now thinking: “What about new Malware that manufacturer of the security software has never seen? They have no way of making a fingerprint of this…”. Exactly!

This is where the behavior-based Malware defense of Mamutu comes into play. It does not use a fingerprint to recognize dangerous software but rather on the basis of the behavior of the software. This allows Mamutu to recognize new Malware long before the signature databases have been updated. These types of Malware attacks are known as Zero-Day attacks. In addition to this, behavior-based Malware recognition is the only efficient way of recognizing Malware that has been built for a single specific attack, e.g. for industrial espionage.

 

The perfect security enhancement

Mamutu recognizes and reports the following types of behavior:

• Backdoor related behavior
• Spyware related behavior
• HiJacker related behavior
• Worm related behavior
• Dialer related behavior
• Keylogger related behavior
• Trojan Downloader related behavior
• Injection of code into other programs
• Manipulation of programs (patching)
• Invisible installations of software
• Invisible Rootkit processes
• Installation of services and drivers
• Creation of Autostart entries
• Manipulation of the Hosts file
• Changes of the browser settings
• Installation of debuggers on the system
• Simulated mouse and keyboard activity
• Direct disk sector access on harddisk
• Changes of the system group policies [NEW!]

 

Full control over internal system activities

You can now decide for yourself what programs are allowed to start on your PC and what actions may be performed. Detailed application rules are now available, allowing you to individually specify the permitted behavior of every application:

• Monitor application, but allow specific activities
  Select this option to always allow particular specific behavior of a program. In certain situations a benign program can contain a function that is very similar to a damaging function and is thus reported. If you are sure that this action is actually not dangerous then you can allow it. All other types of dangerous behavior are still reported.
• Always block this application
  Select this option to permanently block a particular program. You can also use this feature to provide child protection by preventing other PC users from starting a particular application.
• Exclude from protection
  Select this option to completely exclude an application from the monitoring process. Use this when you always trust an application and are sure that it does not execute any damaging actions.

 

Bonus feature: Application protection

You can use the application rules to protect specific programs from third-party manipulation. For example, this feature is used to prevent Mamutu from being terminated by Malware in order to disable the protection. You can also make use of this feature. You can protect your Browser and other important programs from being illegally terminated.

 

 

The program is available for $27.00 (1-year subscription), but it will be free for a limited-time offer by giveawayoftheday.com.

 

Download Mamutu 3.0 now

 

 

 

The Web Security Strategy for Your Organization

In today’s business world, internet usage has become a necessity for doing business.  Unfortunately, a company’s use of the internet comes with considerable risk to its network and business information.

 

Web security threats include phishing attacks, malware, scareware, rootkits, keyloggers, viruses and spam.  While many attacks occur when information is downloaded from a website, others are now possible through drive-by attacks where simply visiting a website can infect a computer.  These attacks usually result in data and information leakage, loss in productivity, loss of network bandwidth and, depending on the circumstances, even liability issues for the company.  In addition to all this, cleanup from malware and other types of attacks on a company’s network are usually costly from both the dollar aspect as well as the time spent recovering from these web security threats.

 

Fortunately, there are steps a company can take to protect itself from these web security threats.  Some are more effective than others, but the following suggestions should help narrow down the choices.

 

 

 

Employee internet usage policy

The first and probably the least expensive solution would be to develop and implement an employee internet usage policy.  This policy should clearly define what an employee can and cannot do when using the internet.  It should also address personal usage of the internet on the business computer.  The policy should identify the type of websites that can be accessed by the employee for business purposes and what, if any, type of material can be downloaded from the internet.  Always make sure the information contained in the policy fits your unique business needs and environment.

 

 

Employee education

Train your employees to recognize web security threats and how to lower the risk of infection.  In today’s business environment, laptops, smartphones, iPads, and other similar devices are not only used for business purposes, but also for personal and home use.  When devices are used at home, the risk of an infection on that device is high and malware could easily be transferred to the business network. This is why employee education is so important.

 

 

Patch management

Good patch management practices should also be in place and implemented using a clearly-defined patch management policy.  Operating systems and applications, including browsers, should be updated regularly with the latest available security patches. The browser, whether a mobile version used on a smartphone or a full version used on a computer, is a primary vector for malware attacks and merits particular attention. Using the latest version of a browser is a must as known vulnerabilities would have been addressed

 

 

Internet monitoring software

Lastly, I would mention the use of internet monitoring software.  Internet monitoring software should be able to protect the network against malware, scareware, viruses, phishing attacks and other malicious software.  A robust internet monitoring software solution will help to enforce your company’s internet usage policy by blocking connections to unacceptable websites, by monitoring downloads, and by  monitoring encrypted web traffic going into and out of the network.

 

There is no single method that can guarantee 100% web security protection, however a well thought-out strategy is one huge step towards minimizing risk that the network could be targeted by the bad guys.

 

 

This guest post was provided by Sean McCreary on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. More information: GFI web security software.

 

All product and company names herein may be trademarks of their respective owners.

Immunet Version 3.0 – The Next Step In Anti-Malware Protection

Introduction to 3.0

 

On February 9th we will be releasing our version 3.0 with some notable changes and improvements.

 

Before I detail what’s new from a feature perspective I should also note that we are changing the name of the product with this release, the new name is going to be Immunet 3.0 – Powered by ClamAV. The new product will look like this screenshot here:

 

 

In addition to our name change, you will also note a change in the icon we use in your tray. The new icon is the ’star burst’ in white and blue, it should like like this in your tray:

 

The name change is the result of the acquisition of Immunet Corp by Sourcefire Inc. This acquisition has brought both the Immunet and ClamAV teams under the same roof to deliver our 3.0 release and future products.

 

New Features

Our 3.0 release was primarily intended to sharpen our focus on malware detection and to provide comprehensive protection to users who are not always connected to the cloud. Some of the features we have added are cutting edge and allow both advanced and basic users of our software to benefit from much higher detection rates. Our new features are detailed below.

 

Complete Offline Protection

The 3.0 release will now ship with an ‘Offline’ engine. This engine (which is ClamAV .97) once enabled will automatically pull down our latest detection sets and allow for complete detection coverage, even when you are not connected to the Internet. We are creating detections for ‘hot’ threats, prevalent on the net, so that you will be protected from current ‘in the wild’ threats and their variants. With our Offline protection we now also have several complex engines for detection native to the desktop and have support for file formats such as .DOC, .XLS, HTML etc. as well as strong unpacking support.

 

If you are installing fresh, you will have the option to install this engine turned ‘On’ by default. If you are upgrading from ClamAV for Windows this engine will be turned off be default. The screenshot here shows how to enable it from the ‘Settings’ feature on the front the User Interface.

 

 

Cloud Recall

One of the advantages of a Cloud model for hunting and identifying threats is that we are able to retain and analyze vast amounts of data about what our community is seeing at any given time. Unlike traditional Anti-Virus, or even other Cloud Anti-Virus we constantly reconsider all the data we see or have seen in our community. This allows us to evaluate every decision we have made about a file in our community and see if we still agree with that decision as time advances. If we find that our position has changed about the security of a file in our community because of new information on that file we can now seamlessly act on it. To put this in practical terms if you look up a file today and we do not know it’s malicious yet and tonight or tomorrow we discover it is malicious we will alert your system to find the file and remove it, all without you needing to download a single definition update. This ‘Cloud Recall’ ensures that your security is advanced with every new piece of information we become aware of. You will always know as much as we do, when we do.

 

Custom Signature Creation

Something which has been missing in modern Windows Anti-Virus products is a feature which allows advanced users to craft and deploy their own signatures or detection capabilities. With 3.0 we now offer the first Windows Anti-Virus product which allows our users to write their own detections with our engines just as we would.

 

Users can now hunt threats (or Advanced Persistent Threats if you like) by creating signatures which range from simplistic (straight MD5 matches) to complex (logically chained expressive signatures w/ offset support and wild carding). Signature management is done with the new SigUI tool which is available in Start -> All Programs -> Immunet 3.0 and looks like this:

 

 

Documentation for the SigUI may be found here and our manual for creation of signatures can be found here. We encourage you to write your signatures and post them to our online Forum.

 

All in and all this represents the most ambitious release we have ever done. The beta program for this version has been full of very positive feedback and we are excited by it’s general release.

 

If you have any feedback about this release or questions, please do not hesitate to email me at ahuger @ sourcefire.com .

 

VIPRE Antivirus Demonstration

 

 

Finally! Security that no longer slows down your PC with Vipre Antivirus

Nowadays the internet threats is growing up so fast like viruses everyday more than a hundred type is discovered, even the scams and malware  is being smarter and more danger on stealing personal information, so everyone looking for protection solution that can protect them as proactive system to detect the new threats.

 

Read more

Get Advanced SystemCare PRO Edition for FREE

Original Price:

NOW Free Giveaway

Read more

Free Windows Shortcut Exploit Protection Tool From SOPHOS

Apple secretly updates Mac malware protection

Apple’s 10.6.4 operating system upgrade earlier this week silently updated the malware protection built into Mac OS X to protect against a backdoor Trojan horse that can allow hackers to gain remote control over your treasured iMac or MacBook.

 

Although there is no mention of it that we could find in Apple’s release notes for Mac OS X 10.6.4, or the accompanying security bulletin, Apple has updatedXProtect.plist – the rudimentary file that contains elementary signatures of a handful of Mac threats – to detect what they call HellRTS.

 

HellRTS, which Sophos products have been detecting as OSX/Pinhead-B since April, has been distributed by malicious hackers disguised as iPhoto, the photo application which ships on modern Mac computers.

 

If you did get infected by this malware then hackers would be able to send spam email from your Mac, take screenshots of what you are doing, access your files and clipboard and much more.

 

Unfortunately, many Mac users seem oblivious to security threats which can run on their computers. And that isn’t helped when Apple issues an anti-malware security update like this by stealth, rather than informing the public what it has done. You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons. “Shh! Don’t tell folks that we have to protect against malware on Mac OS X!”

 

It seems their own employees can be amongst the worst offenders when it comes to giving users security advice. Just a few days ago I saw a former colleague of minetweet about the poor advice about malware protection being offered in Apple retail stores.

 

READ MORE…

 

Next Page »