It’s self-serving, but a new study by McAfee Inc. and the National Cyber Security Alliance has found that 78 percent of consumer PCs in the U.S. are not protected (defined as having up-to-date AV, spyware and a properly configured firewall). What’s interesting, though is how many people think they are protected: 93 percent according the survey, which is set to be released Monday. http://news.yahoo.com/s/pcworld/20070928/tc_pcworld/137856
An online malware measuring tool has unexpectedly rated U.K. PCs as having the lowest level of infection in Europe. The Nanoscan tool, which can be downloaded as a plug-in from the site of owner Panda Software, put the U.K. in bottom spot last week, with only 8.1 percent of those scanned showing active malware. By a separate measure, that of ‘latent’ or inactive malware, however, the U.K. fared less well, reaching 20.7 percent. Top of the infection list for active malware was France (28.2 percent), Mexico (23.1 percent), Brazil (18 percent), the U.S. (17.8 percent), and Argentina (17.4 percent). http://news.yahoo.com/s/pcworld/20070929/tc_pcworld/137711
A laptop containing unencrypted personal information for 800,000 people who applied for jobs with clothing retailer Gap Inc. has been stolen. The computer contained social security numbers and other sensitive information belonging to residents of the US and Puerto Rico who applied online or by phone for jobs from July 2006 to June 2007, the retailer said in this list of frequently asked questions. Details for applicants living in Canada were also exposed, although they didn’t include social insurance numbers. http://www.theregister.com/2007/09/28/gap_data_breach/
Windows administrators who have missed AutoPatcher, an independent, free patch distribution tool that was shut down by Microsoft, will be relieved to hear it may be making a comeback. In August, Microsoft told AutoPatcher to stop making the tool available. AutoPatcher combined Microsoft and other application patches, along with registry tweaks, without remaining connected to the Internet. Antonis Kaladis, AutoPatcher’s project leader, said this week he hopes to have the new version of AutoPatcher available in early October. Complete article at http://searchwinit.techtarget.com/originalContent/0,289142,sid1_gci1274357,00.html link via GRC.com Newsgroup
you got active subscription of Norton Internet Security 2007. It’s free upgrade as per Symantec: Norton Internet Security 2007 users with an up-to-date subscription are entitled to an upgrade to 2008 and can use their existing Norton Internet Security 2007 product key to unlock the free trial. http://www.symantec.com/norton/blog/detail.jsp?blogid=performance_impact&profileid=tom_powledge via Calendar of Updates
Screenshots and details at http://www.dozleng.com/updates/index.php?showtopic=15769 Update: Symantec respond and will address the issue in today’s definitions. 2nd Update: Symantec released their new defs for Sept. 29 rev. 7 but it continues to detect Adware.Mirar if the system is immunized using Spybot S&D. I reported again to Symantec. New screenshots at the above link. 3rd Update: This issue is now fixed if Sept. 30th daily defs update is installed (Definition version 90930r, Extended Version: 9/30/2007 rev. 18). You can download it from http://www.symantec.com/avcenter/defs.download.html or use LiveUpdate
Microsoft’s dream of a Vista only world moved farther out on the horizon yesterday as the software firm admitted it would extend sales of Windows XP by another five months. XP was supposed to be off the vendor’s price list by the end of January 2008. Now it will stick around until the end of the second quarter. http://www.theregister.com/2007/09/28/microsoft_xp_deadline/
If the crooks behind viruses, Trojan horses, and other malicious software were as stupid as they are scummy, we’d have a lot less to worry about. But as protective measures get better at stopping the obvious attacks, online creeps respond with underhanded moves to invade your PC. Here are five of their dirtiest tricks, all based on Trojan horses: 1. Don’t mind me–I’m only here to break your PC2. Locked and encrypted Web sites? No problem3. Malware that scans your PC for malware4. Equal-opportunity encryption5. Hi, firewall. I’m Windows Update. Honest Read the description of each at http://www.pcworld.com/article/id,137364/article.html via http://blogs.stopbadware.org/articles/2007/09/28/new-tricks-old-defenses … Continue reading Five of the Dirtiest Malware Tricks
A project aimed at developing defences against malware that attacks unpatched vulnerabilities involved tests on samples developed by the NSA. The ultra-secretive US spy agency supplied network testing firm Iometrix with eight worms as part of its plans to develop what it describes as the industry’s first Zero-day Attack Test Platform. Richard Dagnell, VP of sales and marketing at Iometrix, said the six month project also featured tests involving two worm samples developed by a convicted hacker. The potency of the malware supplied by the NSA far exceeded that created by the hacker. http://www.theregister.com/2007/09/28/nsa_hacker_malware_defense_project/
America Online is working on a patch for what security researchers are calling a “major vulnerability” in the company’s highly popular Instant Messenger application. Researchers at Core Security Technologies Wednesday disclosed a bug that they say could severely impact the millions of registered users of AOL’s instant-messaging service, AIM. The flaw, according to Core Security, would enable a series of attacks — enabling a remote hacker to execute malicious code, exploit Internet Explorer bugs, and inject scripting code in the IE browser. http://news.yahoo.com/s/cmp/20070928/tc_cmp/202102449
