Tuesday, May 05, 2009
Conficker Worm Update
Conficker sends out email spam without the PC owner’s knowledge. In addition, Conficker uses pop-ups to warn of PC infection and offers fake antivirus software, called 'SpywareProtect2009' at a price of $49.95. If purchased, credit card information is stolen and the virus downloads even more malicious software.
If you encounter a pop-up like this, do not click on the pop-up at all - not even to close the box. To remove the pop-up without infection, open your Task Manager (Ctrl+Alt+Delete), and end the task for your browser (Explorer, Firefox, etc.). You should take additional precautions to ensure you are not already infected and have adequate protection:
• Keep your operating system up-to-date
• Learn more about Conficker
• Invest in a high-end security product
Monday, May 04, 2009
Sonicwall TZ210 UTM Appliance
Protection - Keep your network safe from threats
Performance - Remove the network performance bottleneck
Flexibility - Fits into any small or distributed enterprise organization
Ease-of-Use - Easy to set-up, operate and manage
Business Continuity - Failover, failback and more
Protection
Deep Packet Inspection Engine - A configurable, high-performance deep packet inspection engine for extended protection to key Internet services such as Web, e-mail, file transfer, Windows services and DNS
ICSA-Certified Stateful Packet Inspection Firewall - Industry-recognized standards for enterprise-class firewall protection, ensuring the integrity and validity of each connection, packet, source and destination
Comprehensive Security - Supports SonicWALL’s suite of security services including Gateway Anti-Virus and Anti-Spyware, Intrusion Prevention Service, Enforced Client Anti-Virus, Content Filtering Service and Global Security Client.
SonicWALL PortShield - The SonicWALL PortShield architecture provides the flexibility to configure port level security for the LAN, providing protection not only from the WAN and DMZ, but also between devices inside the LAN.
Performance
High-performance Architecture - Utilizing the advanced processing technology found in the SonicWALL NSA Series, the TZ 210 delivers throughput speeds of up to 100 Mbps.
Wireless (802.11b/g/n) - Supports the 802.11n standard which is over five times faster than the current status quo of 802.11g.
Gigabit Interfaces - Includes 2 Gigabit Ethernet Interfaces and 5 Fast Ethernet interfaces to deliver bottleneck-free network performance.
Flexibility with Control
Wireless Guest Services - Create user accounts for occasional guest users such as consultants and contractors that permit wireless connections to the Internet without providing access to the corporate network.
Multiple Zones for Different User Types - Create multiple zones of access for different user types, providing an unprecedented level of control without compromising the security of the network.
Time-based and Group Policies - Create security policies that can be enforced according to pre-defined schedules. Specify start and end ranges on an individual or group policy basis, offering more granular network control. Create and assign security policies to a large number of users with minimal effort, simplifying User Level Authentication for Internet and VPN access.
Virtual Private Networking - Enable secure site-to-site VPN connections with IPSec-based connectivity. For secure remote access, both SSL VPN and IPSec VPN clients are included, enabling gateway enforcement, centralized management and configuration flexibility in managing and securing remote workforce network access.
Ease-Of-Use
Set-up and Management - An innovative Web interface utilizes a comprehensive suite of easy-to-use configuration and management wizards designed to guide you through the set-up of common network configurations (e.g., public server wizard, VPN wizard, NAT wizard).
Integrated auto-MDIX Ports - An integrated 5-port auto-MDIX switch automatically and transparently detects and corrects incorrectly wired cables such as cross-over cables, making network installation substantially simpler and less expensive.
Comprehensive Central Management Using SonicWALL GMS - SonicWALL’s award-winning Global Management System (GMS) provides network administrators with the tools for simplified configuration, enforcement and management of multiple global security policies, VPN and services for multiple systems, all from a central location.
Business Continuity
Failover and Failback Technologies - Ensures continuous uptime for IPSec VPN tunnels by failing over to a wireless WAN connection should the broadband connection fail. Once the broadband is re-established, the TZ 210 fails back, providing the best connection speed possible.
WAN Redundancy and Load Balancing - Configure a secondary WAN port, delivering highly reliable network connectivity and robust performance. This secondary WAN port can be used in “active-active” load sharing or failover configuration providing a highly-efficient method for maximizing total network bandwidth.
ISP Failover - Ensure continuous uptime for Internet and IPSec VPN connectivity by failing over to a second ISP link should the primary link fail. Through ISP failover, the TZ 210 delivers highly reliable network connectivity for constant access to critical data.
Tuesday, March 31, 2009
Conficker Worm
How do I know whether my PCs are infected?
Scan your PCs using their current Trend Micro product or HouseCall to see whether they are infected. If it is determined that they are infected, find instructions for removal below:
• Consumers
• Small Business
• Medium Business, Enterprise
How do I protect my PCs from being infected?
• Immediately install patches/updates for MS08-067 and other vulnerabilities as soon as vendors release these patches. You should configure your PCs to receive automatic updates and patches from Microsoft and software vendors.
• Make sure your security software is up to date.
• Disable the “Drive Auto-run” feature to avoid infections from USB drives.
• Employ secure passwords using a combination of letters, numbers and symbols and frequently change them.
• Take caution when searching online for DOWNAD and Conficker information. There are reports of rogue antivirus packages that are taking advantage of the situation. They will tell you that you are infected and ask you to pay money to download their application, which in many cases turns out to be malware.
Additional information from Sophos
In less than six months, the Conficker/Downadup worm has infected thousands of business networks--making it the most widespread worm infection since SQL Slammer in 2003.
If your computers are unpatched, they’re still at risk.
Download a free Conficker detection and removal tool from Sophos
Conficker uses advanced malware techniques to exploit vulnerable computers, weak passwords and USB storage devices. Learn more about how the Conficker worm works in a free 10-minute podcast with Paul Ducklin of Sophos.
Listen to the podcast about Conficker
For all your security needs, contact Ashlin.
Thursday, December 14, 2006
NOD32 Antivirus wins another award
I have used NOD32/ESET for more than 2 years, enjoying its small footprint and exceptional malware detection and removal. The av-comparatives organization recognizes NOD32 yet again for these and other qualities, naming NOD32/ESET as the overall winner for another year.
Monday, November 20, 2006
ESET Antivirus Software Offers Support for Microsoft Vista and Enhanced Rootkit Protection
ESET, the leader in proactive threat protection, released its upgrade to ESET NOD32 Antivirus software, version 2.7, with support for Microsoft Windows Vista. The enhanced software is one of the few malware solutions on the market today that is fully compatible with x64 versions of Vista, Windows XP and Windows Server 2003. In addition, the upgrade to ESET NOD32 also features enhanced anti-stealth technology that offers more comprehensive protection against rootkits through its ability to see the true state of running processes and the file system. Rootkits enable hackers to maintain control of a compromised system by hiding their presence.
ESET’s rootkit protection is integrated into the ThreatSense® engine. Competitors typically offer this kind of solution as a stand-alone tool or as part of a larger suite. ESET NOD32 makes it easy for users to be protected with minimal system impact.
“As online threats complete the shift from glory-seekers wreaking havoc to today's professional criminals seeking profit, it is more important than ever to have strong defenses in place,” said Jonathan Singer, host based and consumer security analyst at Yankee Group. “Anti-malware products like ESET’s NOD32, which include protection against viruses, spyware and rootkits, provide a good security foundation for businesses and consumers alike.”
“Given that rootkits make it more difficult to detect intrusions in a system, they are one of the greatest threats today,” said Randy Abrams, director of technical education at ESET, LLC. “ESET NOD32 version 2.7 protects users by offering improved rootkit detection and protection by proactively and transparently defeating active rootkits.”
I have been using NOD32 for two years and find it to be the most comprehensive anti-malware (anti-virus, anti-adware, anti-spyware) product on the market. Its heuristic mechanism is so powerful that some users who have not renewed their subscriptions still have had full protection.
What’s New in NOD32, version 2.7:
- Support for 32-bit and 64-bit versions of Microsoft’s Windows Vista operating system.
- Improved rootkit protection and detection that proactively and transparently defeats active rootkits, which are typically hidden from the user.
- Expanded categorization of malware includes potentially unwanted applications such as adware that may not be malicious, and the renaming of potentially unsafe applications like keyloggers, remote administrators, etc. These categories are capable of being turned off or on.