Archive for the ‘Malware’ Category

5 tips for a malware free Android device

With the popularity of Android continuing to rise, the number of malware-infected apps has increased as well. While malevolent software still mostly infects traditional computers, mobile device owners now have to accept that it will only get harder to keep their phones and tablet computers free from harm unless they take precautionary action. The number of infected apps increases every day, and you can’t determine which ones are safe to use just by looking at the name of the app.

Here are 5 tips that will help you protect your Android device from malware:


Read the rest of: 5 tips for a malware free Android device | No Comments »

5 reasons why Trojans are such dangerous threats

Trojans are a very special form of malicious software designed to destroy your system files, as opposed to worm attacks, which are designed to annoy you with pop-ups or file duplication. Trojans tend to take the form of legitimate software packages, and it's typically too late by the time you find out you've been affected. Here are 5 reasons to stay clear:


Read the rest of: 5 reasons why Trojans are such dangerous threats | 5 Comments »

Fresh Malicious Program Auto-Inserting Inside WordPress Software

Fresh malware unleashed by nasty online crooks is attempting to inject itself inside WordPress software, and WordPress users must be vigilant. The malicious program, a virus called Mal/Badsrc-C, exists inside the index.html file, and due to its manner of installation it’s visible solely within Microsoft's Internet Explorer (IE) web browser.


Read the rest of: Fresh Malicious Program Auto-Inserting Inside WordPress Software | 13 Comments »

Crimeware Targets SME/SMB Sector

Crimeware, malware and hacking that targets financial details to steal money from unsuspecting users' accounts and credit cards, is not all just about high-profile targets that hit the headlines. The thieves have a new target in sight: small businesses. When you think about it, that makes sense from a perpetrator's persp
Read the rest of: Crimeware Targets SME/SMB Sector | No Comments »

TED Talk

Security industry expert Mikko Hyppönen has just given a very good talk at TED covering an ultra-brief history of viruses, the challenges security companies face today in fighting outbreaks and the challenges we face in the years ahead. You can see the talk on TED's website here, or watch it embedded below. We hope you enjoy the talk and find it informative.
Read the rest of: TED Talk | No Comments »

Rootkit Woes

Rootkits are a particularly nasty form of malware, insofar as once they install, they cover their tracks and make it very difficult to find them, let alone uninstall them. A case in point is the particularly nasty Win32:Popureb.E variant bootkit (so called because it uses the master boot record (MBR) to hide itself). Microsoft announced on their TechNet blog that not only is a complete reinstall of the OS necessary to remove the malware, but the MBR also needs to be fixed before the reinstall takes place, something that might be beyond the capabilities of inexperienced users. This problem is exacerbated by there being no one simple process to clean the MBR, but differing processes, dependent on the operating system you are using, using either the Windows Recovery Console and BOOTREC.exe to fix the MBR or other tools, post XP (Detailed instructions here: for Windows XP, Windows Vista and Windows 7). But what can you do to prevent rootkit infections in the first place?
Read the rest of: Rootkit Woes | 2 Comments »

Russia - The New #1 for Malware

Help Net Security reports that Russia has overtaken the USA as the king of malware distribution via spam according to research undertaken by Kaspersky Labs. With spam messages making up to 80% of all email traffic, we are all at risk from everything from phishing scams (where PayPal details seem to be the most coveted) to direct malware infection via cleverly crafted links in emails, often to rogue sites looking like real internet properties. So, what can we do to stay safe online?
Read the rest of: Russia – The New #1 for Malware | No Comments »

VIRUSfighter for Servers Wins VB100 Award

We're happy to announce that VIRUSfighter for Servers has won the coveted VB100 award in the June 2011 Windows Server 2008 R2 tests recently completed (links may require free registration, detailed test result links require a paid subscription). VB100 have been the mainstay of independent testing of antivirus solutions for many years, and are published completely independently by Virus Bulletin magazine, with both winner and loser reports in detail every other month. We're happy to be able to bring independent certification to our server products, allowing our loyal users to know that our antivirus solutions are validated by independent external testing.
Read the rest of: VIRUSfighter for Servers Wins VB100 Award | No Comments »

The Problem With Flash

Adobe, it seems, is a victim of being a huge success, having issued two out-of-band updates (emergency fixes, outside of the usual patching release cycle) within 9 days of each other. The single biggest problem with Flash is that it is ubiquitous on the web and installed on so many machines, not just Windows PCs, making it an important cross-platform infection vector. While Adobe absolutely has to take a large part of the blame, and they are addressing the issue by getting better and better at security fix responses, the simple, huge popularity of the technology has made it a core target of hackers and malware pedlars. One of the core problems from a security perspective, however, is that, according to this Computerworld article, fixes can take time (from 72 hours and up). During that time users are not only vulnerable, but have no real indicators that they are vulnerable, meaning that, depending on the exploit, hackers and malware authors have carte blanche on the user's machine until the problem is fixed, and the user probably has no idea of this. So, what can you do?
Read the rest of: The Problem With Flash | No Comments »

Search Engine Poisoning

Another day, another acronym to remember. This one is important, though, as the prevalence of SEP is on the increase. Security firm Imperva released a report on search engine poisoning, which, in summary, is a manipulation of search engine results, often using black-hat SEO techniques, to display results that contain references to malware-delivering sites - which might either fool a user into downloading malicious files, or use so-called drive-by techniques to instigate a download on poorly configured systems. The report suggests various techniques can be used in the SEP attack, including:
Read the rest of: Search Engine Poisoning | No Comments »

Microsoft Patches Exfiltration Flaw in Hotmail

Trend Micro, via Help Net Security, has reported a flaw in Microsoft's Hotmail service that allows exfiltration via a script, enabling attackers to syphon off user contact information and messages from a user's account. The good news is that it's patched already. The next bit of good news is that if a user logged out just after infection, the session for the Hotmail account was ended, which stopped the exploit cold. The ingenuity of the attack was such that it did not require a user to actually click on a link or download something, but just to open a specially crafted email, which in turn would allow a script embedded in the email to do the dirty work. The attack looks like it was specifically targeted, and used variables used by Hotmail itself to work. It is unknown at this time how many users might have been affected by the exploit, but kudos to Microsoft for the quick fix.
Read the rest of: Microsoft Patches Exfiltration Flaw in Hotmail | No Comments »

Beware Fake VirusTotal Site

The Securelist blog has reported that they have found a fake website pretending to be VirusTotal, the popular open-to-the-public malware submission and multi-engine analysis site. Visiting the site might get you infected (depending on your security settings) via a JavaScript drive-by exploit that will download a malicious Java exploit that in turn will set up your system as part of a botnet. Such botnets are used to perform DDoS (Distributed Denial of Service) attacks and to deliver spam messages. To avoid infection, consider the following as the minimum you should be doing to protect yourself and your valuable data:
Read the rest of: Beware Fake VirusTotal Site | No Comments »

How to Remove Mac Defender Malware

After it was leaked that Apple staff had virtually been ordered to not even acknowledge the latest Mac Malware, finally Apple have issued a knowledge base article on how to avoid or remove the malware. The malware, which has proliferated and changed names over the past several days, is currently known to be called either MacDefender, MacProtector or MacSecurity. Apple have stated in the knowledge base article that they will issue a Mac OS X update in the coming days to render the problem obsolete, by issuing a patch that will detect and delete Mac Defender and its variants. Follow these simple steps to avoid being infected in the first place:
Read the rest of: How to Remove Mac Defender Malware | 1 Comment »

The RogueAV Risk

April saw the largest increase in detectable malware according to Help Net Security, up 26% on the previous year, with 73,000 new variants of threats being released daily. While this is worrying in and of itself, a particularly aggressive campaign has been waged against users in the form of RogueAV (and variants). The scammers promoting this particular form of malware have been very adept at using social techniques, and social media, to promote these "products". What can you do to protect yourself?
Read the rest of: The RogueAV Risk | No Comments »

Zeus Source Code Leaked

Back in February, the infamous Zeus Trojan source code was known to be made available on underground hacking and tools forums. At that time the cost of the code was around $100,000. Several weeks later, the price was just $5000. Now it's available for free. Peter Kruse broke the story on the CSIS blog, with InfoSecurity (UK) following up more in-depth two days later. So what's the story, and why is it important?
Read the rest of: Zeus Source Code Leaked | 1 Comment »