• Categories

  • Browsers
  • Business Software
  • Communications
  • Desktop Enhancements
  • Developer Tools
  • Digital Photo Software
  • Downloads
  • Drivers
  • Educational Software
  • Games
  • Graphic Design Software
  • Home Software
  • Internet Software
  • iTunes and iPod Software
  • Linux
  • MP3 Audio Software
  • Networking Software
  • Productivity Software
  • Screensavers and Wallpaper
  • Security Software
  • Software News
  • Utilities and Operating Systems
  • Video Software

• Archives

  • February 2012
  • January 2012
  • December 2011
  • November 2011
  • October 2011
  • September 2011
  • August 2011
  • July 2011
  • June 2011
  • May 2011
  • April 2011
  • March 2011
  • February 2011
  • January 2011
  • December 2010
  • November 2010
  • October 2010
  • September 2010
  • August 2010
  • July 2010
  • June 2010
  • May 2010
  • April 2010
  • March 2010
  • February 2010
  • January 2010
  • December 2009
  • November 2009
  • October 2009
  • September 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009

• Links

  • Gadget Mania
  • Gadget Reviews
  • USB World
  

• Meta

  • Log in
  • WordPress
  • XHTML
Tweet

2010 Computer Threat Trends, PandaLabs forecast

Fake antivirus, bots and banker Trojans will continue to increase

Cyber-criminals will keep fine-tuning their social engineering skills to trick victims

More malware will be created for Windows 7 and Mac operating systems

The term ‘cyber war’ will become more familiar as politically-motivated attacks across the Internet increase

PandaLabs, Panda Security’s malware analysis and detection laboratory, has released its forecast of computer threat trends for 2010. PandaLabs predicts that in 2010, the amount of malware in circulation will continue to grow exponentially as it has in 2009. As anti-malware technologies are able to respond closer to real-time through cloud-based innovations such as Panda’s Collective Intelligence, malware creators will respond by generating even more diverse threats to evade detection and elimination. Once again malware will be designed almost exclusively for financial gain, and we can expect to see many new fake antivirus strains (rogueware), bots and banker Trojans.

Social Engineering Continues to Rise

Cyber-criminals will again be focusing on social engineering techniques to infect computers, particularly those targeting search engines (BlackHat SEO) and social networks, along with ‘drive-by-download’ infections from Web pages.

As the football World Cup takes place in South Africa, we can also expect to see significant amounts of malware related to this event: false ticket offers, junk mail, etc. It is always a good idea to be suspicious of any messages related with current affairs and large events such as this.

In the case of social networks, there have already been many examples of worms and Trojans targeting Twitter and Facebook. Malware creators will continue to be drawn to these types of platforms that are used by millions of people.

Watch Out Windows 7

Windows 7 will have a major impact on malware development: where Windows Vista hardly caused a ripple, Windows 7 will make waves. One of the main reasons is the widespread market acceptance of this new operating system, and since practically every new computer comes loaded with Windows 7 64-bit, criminals will be busy adapting malware to the new environment. It may take time, but we expect to see a major shift towards this platform over the next two years.

Mobile Phone Attacks – Not Yet!

Several security companies have been warning for some time that malware is soon to affect cell phones in much the same way as it affects PCs. Well, we hate to rain on their parade, but 2010 will not be the year of malware for cell phones.

The PC is a homogenous platform, with 90 percent of the world’s computers running Windows on Intel, meaning that any new Trojan, or worm has a potential victim pool of 90 percent of the world’s computers. The mobile phone environment is much more heterogeneous, with numerous vendors using different hardware and different operating systems.

Applications continue to be incompatible from one operating system to another. Therefore it is unlikely that 2010 will see widespread targeting of cell phones by malware. In any event, this year will witness many changes in the world of mobile telephony with more smartphones offering practically the same features as a PC; the emergence of Google Phone — the first phone sold directly by Google without tying users to specific operators; the increasing popularity of Android; and of course the iPhone. If in the next couple of years there are only two or three popular platforms, and if people make significantly more financial transactions from their phones, then the potential breeding ground for cyber-crime will be significant enough to be concerned.

Mac Becoming Increasingly Attractive to Cyber-Criminals

Mac’s market share has increased in recent years. Although the number of users has yet to reach the critical mass required to make it as profitable as PCs for cyber-criminals, it is nevertheless becoming more attractive. Mac is used just as PCs are to access social networks, email, and the Internet: the main malware distribution systems used by cyber-criminals. Consequently, Mac is no longer a safe haven against malware. These criminals can easily distinguish whether a system is Mac, and they are creating malware designed especially to target this OS. In 2009, we have already seen some attacks, and predict there are more to come in 2010.

Cyber war

Throughout 2009, governments around the world including the United States, the UK and Spain, have expressed concern about the potential for cyber-attacks to affect economies or critical infrastructure. We also saw this year how several Web pages in the United States and South Korea were the subject of attacks, with suspicion — as yet unapproved — pointing at North Korea. In 2010, we can expect to see similar politically-motivated attacks.

Securing the Cloud

Cloud-based services will continue to grow in popularity among consumers and business users alike. As this happens, the security industry must be acutely aware of cybercriminals’ moves to take advantage of this new platform.

Cloud Antivirus Technology on the Rise

2010 will be the year in which all anti-malware companies will innovate to remain competitive as cloud-based security becomes the most effective way to fight today’s malware. In 2007, Panda Security launched its first product which took advantage of the cloud. Now in 2009, all the company’s products use it and we have launched the first 100 percent cloud-based free antivirus: Panda Cloud Antivirus (www.cloudantivirus.com), and Panda has noticed that the rest of the marketplace is beginning to follow suit.

Source: Panda Security

Trend Micro 2010 Future Threat Report

Virtualization, Cloud-Computing and a Shifting Internet Infrastructure Will Widen the Scope of Cybercrime

Using news headlines and the latest technological trends, cybercriminals are brilliantly agile at exploiting whatever is trendy for cash and profit. Now, the growing popularity of cloud computing and virtualization among companies is likely to catch the attention of criminals scheming for the next hot cyber-swindle.

According to the Trend Micro 2010 Future Threat Report, cloud computing and virtualization — while offering significant benefits and cost-savings — move servers outside the traditional security perimeter and expand the playing field for cybercriminals. The industry already witnessed Danger/Sidekick’s cloud-based server failure that caused major data outages in November 2009, highlighting cloud-computing risks that cybercriminals will likely abuse. Trend Micro believes cybercriminals will either be manipulating the connection to the cloud, or attacking the data center and cloud itself.

The Internet infrastructure is changing, opening more opportunities for cybercrime

The “next-generation” protocol designed by the Internet Engineering Task Force, Internet Protocol v. 6, is still in the experimentation stages of replacing the current IPv4, now 20 years old. As users start to explore IPv6, so will cybercriminals, and we can expect to see proof-of-concept elements in IPv6 start to materialize in the upcoming new year. Possible avenues for abuse include new covert channels or C&C. But don’t expect active targeting of IPv6 address space–at least not in the very immediate future.

Domain names are becoming more internationalized and the introduction of regional top-level domains (Russian, Chinese, and Arabic characters) will create new opportunities to launch age-old attacks through look-alike domains for phishing – using Cyrillic characters in place of similar looking Latin characters. Trend Micro predicts this will lead to reputation problems and abuse that will challenge security companies.

Social media and social networks will be used by cybercriminals to enter the users’ “circle of trust”

Social engineering will continue to play a big role in the propagation of threats. But given the increasing saturation of social media with content intended to be shared via online social interactions, cybercriminals will definitely try to penetrate and compromise popular communities more than ever in 2010.

Social networks are also ripe venues for stealing personally identifiable information (PII). The quality and quantity of data posted openly by most trusting users on their profile pages, combined with interaction clues, are more than enough for cybercriminals to stage identity thefts and targeted social engineering attacks. The situation will worsen in 2010, with high-profile personalities suffering from online impersonators or stolen bank accounts.

The extinction of global outbreaks, and the growth of localized, targeted attacks

The threat landscape has shifted and we are no longer seeing global outbreaks like Slammer or CodeRed. Even the much covered Conficker incident of 2008 and early 2009 was not a global outbreak by its true definition; rather it was a carefully orchestrated and architected attack. Moving forward, localized and targeted attacks are expected to grow in their number and sophistication.

More key forecasts for 2010 and beyond:
– It’s all about money, so cybercrime will not go away.
– Windows 7 will have an impact since it is less secure than Vista in the default configuration.
– Risk mitigation is not as viable an option anymore-even with alternative Browsers /alternative operating systems.
– Malware is changing its shape – every few hours.
– Drive-by infections are the norm – one Web visit is enough to get infected.
– New attack vectors will arise for virtualized/cloud environments.
– Bots can’t be stopped anymore, and will be around forever.
– Company/Social networks will continue to be shaken by data breaches.

Source: Trend Micro Incorporated

Security Trends to Watch in 2010 – Symantec

Symantec  2010 Security Predictions

Antivirus is Not Enough – With the rise of polymorphic threats and the explosion of unique malware variants in 2009, the industry is quickly realizing that traditional approaches to antivirus, both file signatures and heuristic/behavioural capabilities, are not enough to protect against today’s threats. We have reached an inflection point where new malicious programs are actually being created at a higher rate than good programs. As such, we have also reached a point where it no longer makes sense to focus solely on analyzing malware. Instead, approaches to security that look to ways to include all software files, such as reputation-based security, will become key in 2010.

Social Engineering as the Primary Attack Vector – More and more, attackers are going directly after the end user and attempting to trick them into downloading malware or divulging sensitive information under the auspice that they are doing something perfectly innocent. Social engineering’s popularity is at least in part spurred by the fact that what operating system and Web browser rests on a user’s computer is largely irrelevant, as it is the actual user being targeted, not necessarily vulnerabilities on the machine. Social engineering is already one of the primary attack vectors being used today, and Symantec estimates that the number of attempted attacks using social engineering techniques is sure to increase in 2010.

Rogue Security Software Vendors Escalate Their Efforts – In 2010, expect to see the propagators of rogue security software scams take their efforts to the next level, even by hijacking users’ computers, rendering them useless and holding them for ransom. A less drastic next step, however, would be software that is not explicitly malicious, but dubious at best. For example, Symantec has already observed some rogue antivirus vendors selling rebranded copies of free third-party antivirus software as their own offerings. In these cases, users are technically getting the antivirus software that they pay for, but the reality is that this same software can actually be downloaded for free elsewhere.

Social Networking Third-Party Applications Will be the Target of Fraud – With the popularity of social networking sites poised for another year of unprecedented growth, expect to see fraud being leveraged against site users to grow. In the same vein, expect owners of these sites to create more proactive measures to address these threats. As this occurs, and as these sites more readily provide third-party developer access to their APIs, attackers will likely turn to vulnerabilities in third-party applications for users’ social networking accounts, just as we have seen attackers leverage browser plug-ins more as Web browsers themselves become more secure.

Windows 7 Will Come into the Cross-Hairs of Attackers - Microsoft has already released the first security patches for the new operating system. As long as humans are programming computer code, flaws will be introduced, no matter how thorough pre-release testing is, and the more complex the code, the more likely that undiscovered vulnerabilities exist. Microsoft’s new operating system is no exception, and as Windows 7 hits the pavement and gains traction in 2010, attackers will undoubtedly find ways to exploit its users.

Fast Flux Botnets Increase – Fast flux is a technique used by some botnets, such as the Storm botnet, to hide phishing and malicious Web sites behind an ever-changing network of compromised hosts acting as proxies. Using a combination of peer-to-peer networking, distributed command and control, web-based load balancing and proxy redirection, it makes it difficult to trace the botnets’ original geo-location. As industry counter measures continue to reduce the effectiveness of traditional botnets, expect to see more using this technique being used to carry out attacks.

URL Shortening Services Become the Phisher’s Best Friend - Because users often have no idea where a shortened URL is actually sending them, phishers are able to disguise links that the average security conscious user might think twice about clicking on. Symantec is already seeing a trend toward using this tactic to distribute misleading applications and we expect much more to come. Also, in an attempt to evade antispam filters through obfuscation, expect spammers to leverage shortened URLs shorteners to carry out their own evil deeds.

Mac and Mobile Malware Will Increase – The number of attacks designed to exploit a certain operating system or platform is directly related to that platform’s market share, as malware authors are out to make money and always want the biggest bang for their buck. In 2009, we saw Macs and smartphones targeted more by malware authors, for example the Sexy Space botnet aimed at the Symbian mobile device operating system and the OSX. Iservice Trojan targeting Mac users. As Mac and smartphones continue to increase in popularity in 2010, more attackers will devote time to creating malware to exploit these devices.

Spammers Breaking the Rules – As the economy continues to suffer and more people seek to take advantage of the loose restrictions of the CAN SPAM Act, we’ll see more organizations selling unauthorized e-mail address lists and more less-than-legitimate marketers spamming those lists.

As Spammers Adapt, Spam Volumes Will Continue to Fluctuate – Since 2007, spam has increased on average by 15 percent. While this significant growth in spam e-mail may not be sustainable in the long term, it is clear that spammers are not yet willing to give up as long an economic motive is present. Spam volumes will continue to fluctuate in 2010 as spammers continue to adapt to the sophistication of security software, the intervention of responsible ISPs and government agencies across the globe.

Specialized Malware – Highly specialized malware was uncovered in 2009 that was aimed at exploiting certain ATMs, indicating a degree of insider knowledge about their operation and how they could be exploited. Expect this trend to continue in 2010, including the possibility of malware targeting electronic voting systems, both those used in political elections and public telephone voting, such as that connected with reality television shows and competitions.

CAPTCHA Technology Will Improve – As this happens and spammers have a more difficult time breaking CAPTCHA codes through automated processes, spammers in emerging economies will devise a means to use real people to manually generate new accounts for spamming, thereby attempting to bypass the improved technology. Symantec estimates that the individuals employed to manually create these accounts will be paid less than 10 percent of the cost to the spammers, with the account-farmers charging $30-40 per 1,000 accounts.

Instant Messaging Spam - As cybercriminals exploit new ways to bypass CAPTCHA technologies, instant messenger (IM) attacks will grow in popularity. IM threats will largely be comprised of unsolicited spam messages containing malicious links, especially attacks aimed at compromising legitimate IM accounts. By the end of 2010, Symantec predicts that one in 300 IM messages will contain a URL. Also, in 2010, Symantec predicts that overall, one in 12 hyperlinks will be linked to a domain known to be used for hosting malware. Thus, one in 12 hyperlinks appearing in IM messages will contain a domain that has been considered suspicious or malicious. In mid 2009, that level was 1 in 78 hyperlinks.

Non-English Spam Will Increase – As broadband connection penetration continues to grow across the globe, particularly in developing economies, spam in non-English speaking countries will increase. In some parts of Europe, Symantec estimates the levels of localized spam will exceed 50 percent of all spam.

Source: Symantec Corp

Panda Security announces Windows 7 compatibility for all 2010 Consumer Solutions

Users can download free beta version from http://www.pandasecurity.com/windows7

Panda Security, the Cloud Security Company, announced that PandaLabs, the company’s laboratory for detecting and analyzing malware, has launched a beta version of its Panda 2010 security solutions to be compatible with the Windows 7 beta. Users who have installed the beta version of the new Microsoft operating system will benefit from the best protection against malware. The general release version will be available as soon as the new operating system is launched on October 22.

Panda’s 2010 solutions use Collective Intelligence, the company’s exclusive cloud-computing technology, to leverage the knowledge gathered from the community of millions of Panda users around the world. Each new file received is classified automatically within six minutes. The Collective Intelligence servers automatically classify more than 50,000 new malware samples every day. These technologies correlate information on malware received from each computer to continuously improve the protection level for the worldwide community of users. In addition, Panda’s 2010 solutions have perpetual, real-time contact with this vast knowledge base, guaranteeing users the fastest response against new malware that appears every day.

The new Panda 2010 solutions, recently launched on the market, are designed specifically to offer maximum protection with minimum resource consumption. The new 2010 product line has achieved an 80 percent performance improvement compared to previous versions. Panda’s new retail solutions also deliver 60 percent improved browsing speed and 40 percent improved download speed over previous versions, consuming just 8 MB of PC memory.

Source

Microsoft unveils Microsoft Project 2010

Part of the next wave of Office-related products, Microsoft Project 2010 helps customers reduce costs, improve efficiency, and simplify project and portfolio management.

Microsoft Corp. announced that the public beta of Microsoft Project 2010 will become available later this year, and revealed the product’s enhanced project and portfolio management features for the first time. Microsoft also disclosed packaging information that streamlines the number of Microsoft Project editions from four to three. Starting today, customers can pre-register for the Microsoft Project 2010 beta at http://www.microsoft.com/project/2010.

“Microsoft Project 2010 is the most significant release of Microsoft Project in over a decade,” said Chris Capossela, senior vice president of the Information Worker Product Management Group at Microsoft. “The fresh, simple and intuitive features of Microsoft Project 2010 will enable teams and organizations of all sizes to select and deliver the right projects on time and on budget.”

Microsoft Project 2010 builds on the Microsoft Office Project 2007 foundation with flexible work management solutions and the right collaboration tools for occasional and professional project managers, and includes a pathway to more advanced project and portfolio management capabilities as business needs evolve.

The release of Microsoft Project 2010 comes at a time when the industry is gaining steam. According to IDC, the project and portfolio management market will see growth as companies will rely on project and portfolio management tools to analyze their current and future project performance.*

Microsoft Project 2010 helps organizations reduce costs by enabling smarter and more informed decisions about budgeting and resource allocation. Through a dramatically enhanced user experience, Microsoft Project 2010 also drives team productivity with integration across familiar Microsoft technologies including Microsoft SharePoint Server and Microsoft Exchange Server. This integration allows a powerful business collaboration platform and proven project and portfolio management to result in a familiar, connected environment for customers to manage the simplest or the most complex projects.

Microsoft will release three editions of Microsoft Project: Microsoft Project Standard 2010, Microsoft Project Professional 2010 and Microsoft Project Server 2010. Key enhancements designed to appeal to both IT administrators and end users include these:

– Unified project and portfolio management with a common user interface and experience across the project life cycle; improved workflow controls that can be customized; better demand management to capture all types of work requests across an organization; and powerful reporting and business intelligence capabilities
– Improved productivity with effective collaboration built on Microsoft SharePoint Server 2010; enhanced collaboration and reporting; integration with Microsoft Outlook 2007 and 2010; and simplified time reporting
– Enhanced user experience and adoption with the familiar Microsoft Office Fluent user interface and new intuitive design; user-controlled scheduling for greater flexibility when creating simple or detailed project plans; the addition of a new timeline view for sequential overview of project schedules; and new Web-based project editing
– A scalable and connected platform with integration across related Microsoft technologies for connected and familiar work management on the PC, mobile phone and browser; better interoperability with third-party systems from updates to the Project Server Interface; 64-bit compatibility for performance improvement; and removal of ActiveX dependency for improved security and ease of deployment across an organization

Microsoft Project 2010 is part of the next wave of Microsoft Office-related products, which includes Microsoft Office 2010, Microsoft SharePoint Server 2010, Microsoft Exchange 2010 and Microsoft Visio 2010, and is designed to give people a consistent experience across devices, making it easier to create and edit documents and collaborate from any location.

Availability

All Microsoft Project Conference registered attendees will receive a free licensed copy of Microsoft Project Professional 2010 after launch; more information is available at http://www.keystoneondemand.com/tour/content/microsoft_project_2010_training. Microsoft Project 2010 will be available in the first half of 2010. More information about Microsoft Project 2010 can be found at http://www.microsoft.com/project.

* Source: IDC: “Worldwide Project and Portfolio Management (PPM) Applications 2009-2013 Forecast: PPM Remains a Profitability Engine in Recession,” Doc # 219381, August 2009

Source: Microsoft Corp.

Next Page »

• Recent Posts

  • Crackle Voice-controlled Experience on Xbox 360
  • ESET has been named a 2011 Top Rated Product by AV-Comparatives
  • Microsoft Provides Tips to Help Protect Your Online Image
  • Register Now for the 2012 TopCoder Open!
  • Apple All-New iTunes U App for iPad, iPhone and iPod touch
  • Free Adobe Photoshop Lightroom 4 Beta Delivers Unparalleled Image Processing
  • Macworld | iWorld: More Than 100 Brand New Products Debuting for the Apple Platform
  • IBM Brings the Power of Analytics to Social Business
  • TomTom Provides Customers with More Details about How It Uses Their Location Data
  • CES 2012: Mobile Security V6.0 for Android
  • CES 2012: ZappoTV Beta Android Version of Popular iOS App
  • CES 2012: Corel Releases New Photo Workflow Solution, Corel AfterShot Pro
  • Top 7 Security Threat Predictions for 2012
  • EA SPORTS NFL Blitz
  • Cartoon characters and video games provide new approach to learning math

• Tags

  2009 Adobe America antivirus Apple application app store browser business cybercriminals data protection download encryption FileMaker free IBM internet iPad iPhone iPod touch Mac Malware Microsoft news office online PandaLabs Panda Security productivity protection safety security Security Software SIIA social media software Software News tech technology threats Trend Micro US USA Windows Windows 7