Wednesday, September 25, 2013

Insider threats are more difficult to detect/prevent than they were in 2011

According to new research from the company Vormetric, approximately 54% of IT administrators believe that it is now more difficult to identify and prevent insider attacks than it was in 2011. 46% of respondents admitted that they suffer from such threats. The reason for the closer attention to insider activity was the Edward Snowden scandal.

The main problem for 63% of the respondents was employees abusing their privileged access rights. 35% are concerned about protecting cloud environments, 36% think about network extensions, and 27% are afraid of APTs, which can steal personal data. On the other hand, more than half of the organizations have begun to deal with insider threats, allocating extra money from the budget for this.

The recent Edward Snowden scandal made organizations pay closer attention to the risks caused by the activities of employees. 45% of companies reported that their views on insider threats have changed.

Friday, September 20, 2013

Free anti-virus package ClamAV 0.98 has been released

Free antivirus package ClamAV 0.98 has been presented.

At the moment, the ClamAV virus database contains approximately 2.8 million virus signatures, three times more than was delivered with the 0.97.0 release. The database of malware signatures for web pages comprises almost 1.6 million entries, which is 4.5 times higher than in ClamAV 0.97.0.

ClamAV 0.97 Key improvements:


- Added new signatures for PDF files, Flash and Java classes. Hash-based signatures now support the wildcard '*' in the size field, for cases where the file size is unknown;

- Added support for unpacking and scanning new file types, including ISO images in ISO9660 format and self-extracting 7z archives. Significantly increased the reliability of PDF processing and improved support for working with encrypted PDF files;

- Implemented certificate chain verification for digitally signed PE files. If the signature database contains a trusted root certificate of the certification authority used to certify the file, a PE file with a valid digital signature is placed on the whitelist. The database also carries information about compromised certificates, which should be rejected. The check can be disabled with a directive;
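The size wildcard in hash-based signatures can be illustrated with a small matcher. This is an added example, not ClamAV code: the signature lines are constructed, the `hash:size:name` layout follows ClamAV's hash-signature file format, and the helper names are hypothetical.

```python
import hashlib

# Constructed sample payloads (not real malware, not from a real database).
SAMPLE_A = b"constructed test payload A"
SAMPLE_B = b"constructed test payload B"


def build_sample_db():
    """Build constructed signature lines in hash:size:name[:extra] form."""
    md5_a = hashlib.md5(SAMPLE_A).hexdigest()
    md5_b = hashlib.md5(SAMPLE_B).hexdigest()
    return [
        f"{md5_a}:{len(SAMPLE_A)}:Example.KnownSize",  # exact size given
        f"{md5_b}:*:Example.UnknownSize:73",           # size unknown -> '*'
        f"{md5_a}:999:Example.WrongSize",              # same hash, other size
    ]


def parse_sig(line):
    """Return (digest, size or None, name); None means the '*' wildcard."""
    fields = line.strip().split(":")
    if len(fields) < 3:
        raise ValueError(f"malformed signature line: {line!r}")
    digest, size, name = fields[0].lower(), fields[1], fields[2]
    # Trailing fields (such as a minimum functional level) are ignored here.
    return digest, (None if size == "*" else int(size)), name


def scan(data, db_lines):
    """Names of all signatures whose hash and size constraint match data."""
    digest = hashlib.md5(data).hexdigest()
    hits = []
    for line in db_lines:
        sig_digest, sig_size, name = parse_sig(line)
        if sig_digest != digest:
            continue
        # A wildcard size matches any length; otherwise sizes must agree.
        if sig_size is None or sig_size == len(data):
            hits.append(name)
    return hits


if __name__ == "__main__":
    db = build_sample_db()
    print(scan(SAMPLE_A, db), scan(SAMPLE_B, db))
```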

Thursday, September 19, 2013

In August, Symantec discovered 213 new variants of malicious programs for mobile devices

In addition, experts have found 469 new vulnerabilities, which is 13% higher than in August 2012.

Symantec has released a virus activity report for August 2013. Experts analyzed the level of spam, the most common scams on social networks, the number of malicious programs for mobile devices, and phishing attacks.

The authors of the study say that the most popular form of fraud on social networks was spreading false information about goods being sold at a discount. This type of attack accounted for 82% of all attacks carried out on social networks.

August saw something of a lull in data breaches, with only seven reported. However, a further nine breaches that happened earlier in 2013 were also reported in August. In total, Symantec has recorded 125 breaches involving data loss worldwide since the beginning of the year.

In August of this year, 213 new variants of malicious programs for mobile devices were also recorded. In addition, experts found 469 new vulnerabilities, which is 13% higher than in August 2012.

Android-virus steals Email and SMS in India

A potentially dangerous virus that steals personal information and SMS messages from Android devices has been found in India.

Operators and computer security experts are asking owners of devices on the popular mobile platform to be careful. This malicious program is dangerous for all versions of Android released before 4.2.2 (Jelly Bean). To avoid infection, experts advise against installing programs from dubious online sources.

"We have discovered a critical vulnerability in the operating system Android. The bug allows attackers to install on smartphones and tablets running the OS malicious code that allows you to easily make changes to the functionality of the programs themselves. If you do not break the cryptographic signature of the program, which is why the application and passes Android," said representatives of the Computer Emergency Response Team-India (CERT-In).

The malware can be used to steal personal information, including e-mail addresses, IMEI numbers, SMS messages and even installed applications. Moreover, it can send SMS messages and make calls from infected devices without user consent.

Critical vulnerabilities found in Internet Explorer

A critical vulnerability has been found in all supported versions of the Internet Explorer web browser, including IE6, IE7, IE8, IE9, IE10 and IE11, Microsoft said on its TechNet portal.

The vulnerability affects all versions of Windows, from Windows XP through Windows 8.1, which is scheduled for release only in October.

The vulnerability allows an attacker to remotely execute arbitrary code on a victim's computer after the user visits an infected website. It is caused by an error in which IE tries to access an object in memory that has been deleted or has not been placed correctly.

Microsoft said that it is currently studying reports of attacks carried out by hackers, focused mainly on IE8 and IE9.

Tuesday, September 17, 2013

One in Ten Consumers Have Lost Money to Online Fraud

The study showed that the majority of victims of online fraud live in the UK, USA and Malaysia.

One in ten Internet users worldwide becomes a victim of fraud when carrying out online transactions. Users of desktop computers and laptops face the highest level of risk. This is shown by research conducted by F-Secure in 15 countries: Germany, Italy, France, Great Britain, Netherlands, Belgium, Sweden, Finland, Poland, the USA, Brazil, Chile, Colombia, Australia and Malaysia. 6000 people aged 20 to 60 took part in the F-Secure survey.

The study indicated that 12% of Europeans and 17% of people on other continents suffered financial losses from online fraud. The largest number of victims lived in the UK, USA and Malaysia.

Nowadays, more people are concerned about online safety when using computers than when using mobile devices and tablets. 69% of users around the world worry about their safety when they make purchases, read, send e-mail or play games online through their computers. 54% are concerned when using mobile devices, and only 43% with tablets.

ESET Social Media Scanner

ESET Social Media Scanner - beta version of the free application to protect your profiles on Twitter and Facebook

International antivirus company ESET announces the release of the beta version of ESET Social Media Scanner - a free app for the protection of users of social networks Twitter and Facebook.

The number of incidents involving the theft of accounts and the spread of malicious links in social networks is increasing rapidly.

In response, the company has developed ESET Social Media Scanner to protect Twitter and Facebook accounts. The solution scans the user profile for malicious links in private messages or comments, thus providing protection against infection.

After installing Social Media Scanner on Facebook, the user can manually or automatically scan their posts, timeline and news feed for malicious links. The solution also protects Twitter profiles using advanced mechanisms for scanning shortened links and detecting threats.

Monday, September 16, 2013

Big Business continues to ignore the Java threats

Big business continues to ignore the threat posed by the use of outdated versions of Java, the company Websense said in a study. According to the company, about four fifths of Java users in the corporate sector are not using the latest version of this environment.

Having passed part of corporate traffic through its own cloud, Websense ThreatSeeker Intelligence Cloud, the company found that about 40% of Java requests go through the Java 6 Standard Edition runtime, even though Java 7 Standard Edition was released two years ago. Oracle ended technical support for Java 6 SE in April of this year.

The analyst said that some may use Java SE 6 for compatibility reasons, but most are exposed to exploits because of obsolete versions of the product. The general trend also indicates that about 81% of browsers are vulnerable to at least two recent Java problems, CVE-2013-2473 and CVE-2013-2463, identified in June of this year.

FBI Admits It Controlled Freedom Hosting Tor Servers

In an Irish court last week, the U.S. FBI acknowledged for the first time that it had in fact controlled Freedom Hosting, an operator of Tor services, for some time. Previously, a number of independent IT experts had suspected the FBI or another U.S. security agency of using Tor exploits to control anonymous online transactions.

Eric Marques, who has dual US-Irish citizenship, is now trying to fight extradition from Ireland to the United States, where he is accused on four counts related to the spread of pornography on the Internet. The Irish court has now released Marques on bail. Marques himself is accused of running the hidden Tor service Freedom Hosting, which hosted child pornography sites.

Friday, September 13, 2013

McAfee anti-virus software updated to version 2014

Antivirus developer McAfee officially announced an update of its core line of products for the protection of personal computers: McAfee AntiVirus Plus 2014, McAfee Internet Security 2014 and McAfee Total Protection 2014.

McAfee Security Products 2014 with support for Windows 8.1 - More about improvements

McAfee, the largest antivirus developer, officially announced an update of its core line of products for the protection of personal computers. The 2014 versions offer significant improvements in performance and capabilities while reducing the load on system resources and improving usability. The 2014 lineup includes McAfee Total Protection 2014, McAfee Internet Security 2014 and McAfee AntiVirus Plus 2014. The enhanced PC virus protection is also implemented in the recently released new version of the McAfee LiveSafe™ service, the first cross-platform solution for comprehensive protection of user data on PCs, Macs, smartphones and tablets.

Ashampoo Anti-Virus 2014 - the new dual-core antivirus

The new antivirus Ashampoo Anti-Virus 2014 will be presented on September 25. The solution uses two antivirus engines, Bitdefender and Emsisoft, offering the necessary, effective and fast protection against viruses, trojans, spyware and other threats, including new ones.

Malware creators usually do not want users to notice that their computer has been infected. The system is compromised covertly by hidden viruses, spyware and other Internet threats without your knowledge.

According to the developers of the new antivirus solution: "Ashampoo Anti-Virus 2014 is an important tool for the detection and removal of all existing malware; the antivirus is able to constantly protect you from future threats. You'll be surprised how much time your computer is exposed to malicious attacks every day."

Main features of Ashampoo Anti-Virus 2014

Compared with the previous version of the antivirus, Ashampoo Anti-Malware, the program has received a completely new interface. From the home page, you can quickly get to the desired section and easily set up the required security component.

The file monitor, using the two antivirus engines Bitdefender and Emsisoft, provides real-time protection, keeping the system safe from infected programs and documents. The antivirus also controls access to external devices and storage media. The behavior control module protects against "zero-day" threats that signature-based methods have not yet detected.

Experts have discovered a new technique for attacking users of online banking

Experts at the German antivirus company G Data have uncovered a new technique for cyber attacks on customers of online payment systems. It is based on the use of cloud technologies, which allow attackers to effectively conceal their actions. With the malware, virus writers can capture data on users' payment transactions. At the same time, placing elements of the malicious code in the "cloud" greatly complicates the analysis of attacks and the creation of effective tools to fight this new kind of threat.

Usually, banking Trojans use configuration files stored on the target machine. These files contain the addresses of the sites that cyber criminals plan to attack and the malicious code that the banking Trojans inject into those sites. It is with this code that the attackers later steal access data and personal information from users.

A few days ago, G Data experts found a particular configuration of the well-known banking Trojan ZeuS. It differs in that, instead of injecting all of the malicious code into the target site, it injects only a small part of the malware in the form of JavaScript, which then loads the other components of the malicious code from the "cloud". Afterwards, depending on the attacked site, the Trojan may ask the user, for example, to re-enter credit card details, ostensibly for security purposes.

Thursday, September 12, 2013

NSA is Working to Undermine Encrypted Communications in the Internet

Disclosed: NSA (National Security Agency) activities to introduce backdoors for decrypting encrypted traffic on the Internet

Another batch of classified U.S. intelligence documents disclosed by Edward Snowden shows that the U.S. National Security Agency developed a project to enable decryption of almost all HTTPS and VPN communications.

To achieve this, the agency not only requested access to private encryption keys from vendors and searched for vulnerabilities, but also attempted to introduce backdoors into implementations of encryption technologies and directly into encryption standards.

No facts or evidence of backdoors in RC4 or other technologies are available yet; the information is still limited to general references to the potential for exploiting the methods used for communication via HTTPS and VPN, and to the presence of unnamed backdoors in commercial products. A list of the Internet companies and software vendors collaborating with the NSA on introducing hidden vulnerabilities has also not been published.

Wednesday, September 11, 2013

You can buy a PHP script for effective DDoS attacks for $800

This script uses compromised servers and supports four types of DDoS attack tactics.

Earlier this year, US-CERT released a notice saying that publicly accessible recursive DNS servers were being actively used for DNS amplification attacks, a very effective method of DDoS attack.

Often the problem is incorrect configuration of domain name servers, which allows an attacker to send a DNS query in which the source address is replaced by the address of the victim. When the DNS server sends its response, it is addressed to the victim. A huge number of these spoofed requests ultimately causes a denial of service.

Perhaps some system administrators in the United States have taken the threat to their own servers seriously and reconfigured them to prevent further break-ins, but this method of attack remains popular, and not only in the West.
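One way a resolver operator could check their own logs for the misconfiguration described above, as an added example that is not from the US-CERT notice. The log format, the allowed network and the thresholds are assumptions, and the sample lines are constructed.

```python
import ipaddress
from collections import defaultdict

# Assumption: the only network this resolver is meant to serve.
ALLOWED_CLIENTS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed resolver log, one answered query per line:
# <client address> <query type> <query bytes> <response bytes>
SAMPLE_LOG = """\
10.1.2.3 A 40 56
10.1.2.3 AAAA 40 68
203.0.113.7 ANY 64 3100
203.0.113.7 ANY 64 3100
198.51.100.9 A 40 56
203.0.113.7 ANY 64 3100
"""


def is_allowed(client):
    """True if the address belongs to a network the resolver should serve."""
    addr = ipaddress.ip_address(client)
    return any(addr in net for net in ALLOWED_CLIENTS)


def open_recursion_clients(log):
    """Outside addresses that received answers: recursion is open to them."""
    seen = {line.split()[0] for line in log.splitlines() if line.strip()}
    return sorted(c for c in seen if not is_allowed(c))


def likely_victims(log, min_queries=3, min_ratio=10.0):
    """Outside 'clients' that got many large answers to small queries.

    With a spoofed source address the logged client is the victim, so a high
    response/query byte ratio towards one outside address is the signature.
    """
    totals = defaultdict(lambda: [0, 0, 0])  # count, query bytes, response bytes
    for line in log.splitlines():
        if not line.strip():
            continue
        client, _qtype, qbytes, rbytes = line.split()
        if is_allowed(client):
            continue
        t = totals[client]
        t[0] += 1
        t[1] += int(qbytes)
        t[2] += int(rbytes)
    return {
        client: (count, round(r / q, 1))
        for client, (count, q, r) in totals.items()
        if count >= min_queries and r / q >= min_ratio
    }


if __name__ == "__main__":
    print("answered outside clients:", open_recursion_clients(SAMPLE_LOG))
    print("likely reflection targets:", likely_victims(SAMPLE_LOG))
```

Any address returned by `open_recursion_clients` means the server answers recursive queries from outside its intended networks, which is the configuration error to correct.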

Tuesday, September 10, 2013

Microsoft and Google are requesting permission to publish data about the number of requests

Microsoft and Google are requesting permission to publish data on the number of requests received from the Government

Companies believe that the government has no evidence that the disclosure of statistical data could harm the state.

On Monday, September 9, Microsoft, Google, Yahoo! and Facebook applied to the US Foreign Intelligence Surveillance Court (FISC) for permission to publish statistics on the number of requests the companies receive from the government. Microsoft and Google filed a petition for disclosure of these data many weeks ago, but their case was postponed at the request of the government. The companies' negotiations with the government failed, so the matter will proceed in the FISC.

Yahoo sues National Security Agency

American Internet company Yahoo! has filed a lawsuit against the U.S. National Security Agency (NSA) to defend its right to publish information on the number of requests that U.S. intelligence agencies made to gain access to the personal data of users, the Guardian newspaper reports.

In mid-July, Yahoo! obtained in court the right to publish documents on the PRISM personal data collection program. The documents concern Yahoo!'s attempts to decline to provide personal data of its users at the request of the NSA. A U.S. court ruled that the U.S. Department of Justice is obliged to declassify documents showing that in 2009 Yahoo, according to its statement, "strongly protested" against handing user data over to government agencies. The court set September as the deadline for declassifying the documents and deciding on the case, which does not mean full disclosure, since the U.S. government continues to redact for publication some of them, which, according to the authorities, must remain secret.

"We went to court because we have no right to disclose (information on the number of) queries," said the representative of the company. On Monday, the giants Microsoft and Google came forward with a similar initiative, seeking even greater transparency in their interaction with the intelligence services.

New backdoor intercepts input data from the keyboard

The company "Dr. Web" warned of the spread of the malware BackDoor.Saker.1, which bypasses the User Account Control mechanism. The main functions of BackDoor.Saker.1 are executing commands received from intruders and, most importantly, intercepting the keys pressed by the user (keylogging).

After infiltrating the computer, the Trojan executes the file temp.exe, designed to circumvent UAC (User Account Control). This file extracts a UAC-bypass library from its resources and injects it into the explorer.exe process. The library is then saved to a system folder. Then, when the system utility Sysprep is started, the library launches the malicious application ps.exe, detected by Dr.Web anti-virus software as Trojan.MulDrop4.61259. In turn, that application saves another library to another folder and registers it in the Windows registry as a service with the name "Net Security Service" and the following description: "keep watch on system security and configuration.if this services is stopped, protoected content might not be down loaded to the device". The main malicious backdoor functionality is concentrated in this library.

Friday, September 6, 2013

Kaspersky Anti-Virus and Kaspersky Internet Security received the update

The new versions of Kaspersky Anti-Virus and Kaspersky Internet Security are designed to meet the growing security requirements of users. Both products include the antivirus technology "Meta-scanner", which checks files for code fragments typical of exploits. "Meta-scanner" is designed primarily to find and block the newest and most dangerous threats, for which data may not yet be available in the antivirus databases.

However, even a threat that is not among the newest and most complex can be very dangerous, even for users whose computers are protected by an antivirus solution. This category includes ransomware, many variants of which block the user from interacting with the computer and demand money in exchange for unlocking it. Most of these programs are successfully detected by antivirus software, but inexperienced users often install them anyway, ignoring the warnings of security solutions, for example when a malicious program is disguised as a music file or a legitimate application that the user wants to run.