• 2013-12-10 22:39 Стартует «Премия Dr.Web»!
• 2013-12-10 23:14 Emsisoft vince l’AVLab Internet Security Award 2014
• 2013-12-10 23:14 Amazon Drones and the Future of Anti-Malware
• 2013-12-10 23:22 Обновление компонентов Dr.Web Control Service и Dr.Web SelfPROtect в продуктах Dr.Web 9.0 для Windows
• 2013-12-10 23:23 «Лаборатория Касперского» и фармацевтическая группа «ПРОТЕК»: вместе против вирусов
• 2013-12-10 23:33 Акция «Тройная защита Dr.Web» для покупателей магазинов Samsung «Носимо»
• 2013-12-11 00:52 Viruses that went Viral: Conficker

Антивирусный "хостинг"

Клуб пользователей антивирусных услуг (Saas, Cloud)

KMM поделился ссылкой

Стартует «Премия Dr.Web»!

10 декабря 2013 года

«Доктор Веб» объявляет о начале акции «Премия Dr.Web», которая проводится совместно с нашим партнером – компанией «СофтКомп». При покупке продуктов Dr.Web для защиты корпоративных сетей в компании «СофтКомп» вы бесплатно получите лицензионный сертификат на Dr.Web Security Space, а также еще один ценный подарок — итальянскую кофемашину или гаджет от компании Apple.

Для участия в акции «Премия Dr.Web» необходимо обратиться в компанию «СофтКомп» и приобрести продукты Dr.Web для защиты корпоративных сетей на сумму более 20 000 рублей. Вместе с лицензионным сертификатом на корпоративные продукты Dr.Web вы бесплатно получите лицензию на Dr.Web Security Space для защиты своего персонального компьютера.

Кроме того, в зависимости от суммы заказа вас ожидают и другие ценные подарки, в числе которых – IPad mini 2 и iPhone 5s!

Акция «Премия Dr.Web» завершится в начале весны, 12 марта 2014 года.

KMM поделился ссылкой

Emsisoft vince l’AVLab Internet Security Award 2014

Emsisoft Anti-Malware ha battuto le altre 35 suite di sicurezza nei test recenti di AVLab Performance e ha ricevuto il premio “Best+++” per le sue strabilianti performance.

I risultati ufficiali sono disponibile in polacco solo sul sito ufficiale AVLab.pl.

Related Posts:

• Emsisoft vince l’AVLab Internet Security Award 2014
• Emsisoft Anti-Malware fa vedere di che pasta è fatto: MRG…
• Promozione Emsisoft Black Friday: sconto del 30% e 3 mesi…
• Criptazione delle E-mail: ecco come funziona
• Emsisoft Internet Security Pack with best result in COMSS…

KMM поделился ссылкой

Amazon Drones and the Future of Anti-Malware

The holidays are here, and the news media is all a flutter about Amazon.com.  Cyber Monday has of course beat Black Friday once again, and since this has been old news for at least the past 5 years someone decided it was time to change the subject to something else.

Enter: Amazon Delivery Drones

This past week, Bezos and Co. set the media aflare with the hot new topic of drones.  The general idea has been around in science fiction for nearly a century, but now the Amazon CEO is insisting that specialized delivery drones are an imminent reality.  Pundits the world around have responded with the usual slew of criticism, asking aloud how the government will regulate it, if it is technologically feasible, and, most importantly, whether it is safe.

No one can answer any of these questions with certainty, and in fact no one but Bezos himself actually knows whether Amazon has actually begun to develop this drone-technology or not.  In fact, for all we know, it’s just an ingenious PR stunt, engineered to bolster holiday sales.  Despite of all this, however, we here at Emsisoft have one important question that remains as yet unasked:

What will a future with drones mean for the future of antivirus software?

Naturally, any conversation about drones involves the topic of air safety.  A drone that can deliver a package to your doorstep could just as easily deliver a bomb.  Or it could monitor you from an unobservable height and give its operator all the behavioral details they would ever need to know to steal your identity.

If drones become a reality, they will be heavily regulated.  This will necessarily include regulation of their software and measures to prevent it from being hacked.  Even the most benign of drones could become malicious if hijacked by a programmer with malintent.  Drones of the future will therefore require some sort antivirus software, just as personal computers do today.

Which of course brings us to a second consideration:

Will drones become personalized?

As far as we can tell, the answer is yes.  That is, i.f.f. drones are developed commercially.  If drones are developed commercially, it will only be a matter of time before they are developed for personal use.  That’s how it went with computers, and that’s usually how it goes with anything else consumer tech.

Perhaps even more than commercial delivery drones, personal drones will require quality antivirus software.  Large corporations like Amazon will stand to loose quite a bit if their delivery drones malfunction, and you can be sure that if they are developed they will likely be impenetrable.  But personalized drones won’t be nearly as robust, and if they are to be legalized they will likely require an antivirus software and perhaps also an operating license.

Which brings us to a third consideration:  ^ Shouldn’t those be requirements to operate a PC? ;)

…In any event, we’re excited about the future of antimalware, and already dreaming of Emsisoft 2023:  Fully Optimized for a Secure PD (Personal Drone) Experience.

 

 

Related Posts:

• Amazon spam: “Your Order Processed Today”
• How many viruses are made by anti-virus companies?
• Emsisoft Mamutu end of sale
• The transparent citizen – How can I actively prevent…
• Viruses that went Viral: Conficker

KMM поделился ссылкой

Обновление компонентов Dr.Web Control Service и Dr.Web SelfPROtect в продуктах Dr.Web 9.0 для Windows

10 декабря 2013 года

Компания «Доктор Веб» сообщает об обновлении управляющего сервиса Dr.Web Control Service (9.0.4.12060) и модуля самозащиты Dr.Web SelfPROtect (9.0.5.12060) в продуктах Dr.Web Security Space и Антивирус Dr.Web версии 9.0. Обновление связано с исправлением выявленных ошибок.

В управляющем сервисе исправлена ошибка, приводившая к отключению опции «Контролировать доступ к следующим объектам» при перезагрузке операционной системы.

В модуле самозащиты устранена причина конфликта, который мог приводить к аварийному завершению работы приложений, упакованных протектором Themida, на 64-битных ОС при установленном Dr.Web. Кроме того, ликвидирована проблема несовместимости Dr.Web SelfPROtect с программным обеспечением КриптоПро, обнаруженная после предыдущего обновления данного компонента.

Обновление пройдет для пользователей автоматически, однако потребует перезагрузки компьютеров.

KMM поделился ссылкой

«Лаборатория Касперского» и фармацевтическая группа «ПРОТЕК»: вместе против вирусов

«Лаборатория Касперского» рада сообщить о продолжении сотрудничества с фармацевтической группой компаний «ПРОТЕК», в состав которой входит одна из крупнейших в России аптечных сетей «Ригла».

KMM поделился ссылкой

Акция «Тройная защита Dr.Web» для покупателей магазинов Samsung «Носимо»

10 декабря 2013 года

Компания «Доктор Веб» и официальный дистрибьютор Samsung – компания «Носимо» - объявляют о старте акции «Тройная защита Dr.Web». По ее условиям при покупке в фирменных магазинах Samsung продукта Dr.Web Security Space версии 9.0 для защиты 2 ПК на 1 год защита еще для одного ПК или Мас предоставляется бесплатно. Акция проходит с 10 декабря 2013 года по 31 января 2014 года.

Напомним, что c выпуском Dr.Web версии 9.0 для Windows в распоряжении пользователей появился целый ряд новинок, в числе которых – новый поведенческий анализатор Dr.Web, защита пользовательских данных от повреждения вредоносным ПО и обновленный механизм выявления известных угроз, скрытых под новыми упаковщиками.

Эта акция – отличный повод приобрести новый продукт Dr.Web и получить тройную защиту! Кстати, защита Dr.Web Security Space распространяется не только на ПК или Мас, но и на мобильные устройства под управлением Android, Symbian OS или Windows Mobile. Таким образом, в рамках акции вы можете вместе с еще одним ПК защитить и дополнительный смартфон!

Добро пожаловать за тройной защитой Dr.Web в магазины Samsung компании «Носимо»!

KMM поделился ссылкой

Viruses that went Viral: Conficker

Since the dawn of personalized computing there have been literally millions of viruses, and yet only a select few have truly “gone viral.”  In recent years, one of the most infectious among these has been the Conficker worm, which at its peak in 2008 managed to infect 7 million computers worldwide.  Among the infected were military systems throughout Europe and personal computers throughout most of the western world.

The Conficker Worm

Conficker was so successful because it targeted a specific weakness in the design of the Windows XP operating system, which at the time was the most popular OS in the world.  This weakness was a design flaw in one of Windows XP’s network services, CVE-2008-4250.  A network service is essentially an application that runs in the background of your computer and controls communication with other machines on your network. The weakness of CVE-2008-4250 was that it allowed for remote execution of arbitrary code.  Conficker also combined the use of multiple advanced malware techniques, which allowed it to defend itself, to propagate, and to evolve.

In 2009, Microsoft Corporation formed an industry collaboration to combat Conficker and posted a $250,000 reward for any information leading to the arrest of its creators or distributors.  Still, Conficker’s authors remain unknown and undetected, and the worm still circulates around some of the darker corners of the web.

From the perspective of an antivirus professional, Conficker is the brainchild of some mad though ingenious scientist, hell-bent on destroying, or at the very least disabling, the world.   From the perspective of your everyday computer user, Conficker is the digital equivalent of catching a really bad cold.

In either case, it’s quite fascinating to take a look at what made the Conficker worm work and why it still remains a threat today.

How Conficker Spread

Conficker was successful because it leveraged a specific vulnerability in the most popular operating system in the world.  It also had somewhat of a redundant design.  In security systems, redundancy is the degree to which the system is fail safe.  A redundant system has multiple layers of protection put in place, so that if one layer fails another can pick up the slack.

Whether they are made for computers or physical buildings, redundant security systems are very effective.  In a way, Conficker turned redundancy on its head, taking a multilayered approach to infecting computers.  Not surprisingly, it worked like a charm.

Multiple Attack Vectors

Conficker was designed to be able to spread across numerous vectors, including:

1. 1) Computers that lacked updates
2. 2) Computers with File Sharing enabled
3. 3) Computers with weak passwords
4. 4) Removable Flash Drives

Vectors 1) and 2) can be attributed to the design flaw in network service CVE-2008-4250.  Vectors 3) and 4), however, were made possible by additional layers in Conficker’s design.

Weak Passwords Hacked with Dictionary Attack

Conficker demonstrates why it is so important for every computer user to utilize strong, unique passwords.  If Conficker came across a computer that was both fully updated and had file sharing disabled, it would then automatically run a dictionary attack to try and bypass that computer’s password protection.  A dictionary attack is essentially a guess and check approach to hacking, that attempts to enter your network by entering weak, commonplace passwords.

Conficker was loaded with numerous passwords.  Some examples include: password123, admin, coffee, 1234abcd, and unknown.  A full list of passwords can be viewed here.  As you can see, Conficker’s dictionary attack was surprisingly comprehensive, and because many people don’t take the time to create quality passwords it was also very effective — a fact that still holds true today.

Removable Flash Drive AutoRun

Conficker was designed to be spread, and part of that design included removable drive infection.  If Conficker worked its way onto a computer, it also made efforts to work its way onto any removable drive that was plugged into that computer.  This meant that if that drive were plugged into another computer, Conficker would be spread.

Conficker utilized a very crafty AutoRun feature, designed to fool users into installation.  If you’ve ever plugged a flash drive into your computer, you may be familiar with AutoRun.  AutoRun is that little window that pops up and asks you what you would like to do with your removable media.

Drives that contained Conficker utilized this pop up window by including an ambiguous option under AutoRun’s Install or a run a program heading.  This option was a nonthreatening Folder icon, accompanied by text that would read something like: Open folder to view files.  In reality, however, opening this folder would enact Conficker installation.

What Conficker Did

Once Conficker was installed onto a computer, it would go through a series of steps, designed to propagate the virus and to establish an impenetrable wall of self-defense.

Change Registry Settings

In addition to installing itself on a hidden folder, Conficker would change your registry settings so that you had no way of viewing hidden folders.  For the average PC user, this was more than enough complexity to allow Conficker to operate undetected.

Disable Updates and Services

Windows computers have a number of built-in security measures, including an auto-updater, an antivirus program, and a firewall.  The Conficker worm was built to disable all of these, so that it could then operate unimpeded.

Once those services were disable, Conficker would then begin to download arbitrary files from a pre-defined set of websites.  The end goal of this procedure was essentially to fill your computer with trash and thereby incapacitate it.

Website Blocking

Once Conficker began to download files, all but the most naive of computer users would begin to notice that something was wrong.  At this point, most people would then attempt to solve the problem by going online and trying to download antivirus software.

Probably the most impressive thing about Conficker was that it prevented people from doing this.  Conficker was programmed to block web searches that contained phrases related to antivirus software.  Among these phrases were the names of the most popular antivirus programs on the market, including Emsisoft!

Conficker Today

As time went on, Conficker was released in 5 different variants.  Each variant utilized some combination of the tools summarized above, and older variants were programmed to update themselves to newer ones after they run. 

Though Windows released a patch (MS08-067) for the CVE-2008-4250 network service vulnerability as early as October of 2008, Conficker continues to remain a threat to computer users across the world.  There are many reasons why Conficker is still potent. While the MS08-067 patch does make Windows computers more secure, and while most updated computers should be immune, there are still a few human factors that allow Conficker to propagate.

Conficker can still get into computers that utilize weak passwords.  Actually, any human with the inclination can get into a computer with a weak password.  It’s for this reason that we can recommend no simpler and no more effective antivirus measure than changing your password to something nonsensical and complex.

In addition, Conficker still fools people with its AutoRun feature.  This means that Conficker is still highly contagious in localized communities where coworkers and friends share flash drives – and the sheer number of computers in the world right now that are still operating on Windows XP gives Conficker ample room to flourish and grow.

Conficker was and still is successful because it utilizes a multipronged, redundant approach that is actually predictive of human behavior.  Whoever designed it clearly knew a thing or two about how to program a computer, but they also were well aware of how average computer users think.  It is this final aspect that may truly be what separates “successful” viruses from run-of-the-mill rogues and worms.  Malware is just as much human deception as it is fooling a machine, and anyone who wants to remain Malware-Free would do well to remember this.

Hackers create viruses because they want to mess with people.  Computers are just the vector, and with a just little (computer) information you can stay ahead of the threat and remain in control.

Related Posts:

• How many viruses are made by anti-virus companies?
• Hacking Identity Theft: Entry points, tools and prevention
• Protector Rogue Re-emerges
• Ransomware – The no. 1 threat for 2013
• Seriously? USA to legalize rootkits, spyware, ransomware and