Trend Micro Threat Research Report: 9 Million ZeuS attacks blocked by Trend Micro in the last 6 months
Trend Micro has seen a recent rise in unique ZeuS samples, averaging around 300 per day, according to a recent threat report that examines the Eastern European criminal enterprise behind one of the world’s most prolific crimeware kits designed for wholesale monetary theft. Trend Micro witnessed more than 13,000 unique ZeuS samples in January 2010 alone.
“ZeuS is nothing new – we’ve seen it at work for years. But what’s alarming is the recent rise in attacks,” said Raimund Genes, CTO of Trend Micro. “It’s one of the most notorious security threats to Internet users and Trend Micro is fighting back: In the last 6 months, we’ve blocked about 9 million ZeuS attacks and we’re not stopping.”
Latest developments
For the greater part of last year, Trend Micro discovered that ZeuS variants were also distributed via the Avalanche botnet, a fast-flux botnet that sent spammed messages en masse. The spam runs imitated several popular social networking sites. The cybercriminals behind the operations even tried to copy email messages and Web sites of U.S. government institutions like the Federal Deposit Insurance Corporation (FDIC), the Centers for Disease Control and Prevention (CDC), the Social Security Administration (SSA), and the Internal Revenue Service (IRS).
Another significant feature that was recently added to the current ZeuS versions is the “Jabber” functionality. Jabber is an open source instant messaging protocol and JabberZeuS is a ZeuS variant where the credentials stolen during a banking session are relayed in real-time to the ZeuS botmaster via instant messages so she can immediately log in to the same account undetected using the same credentials as the victim.
ZeuS-BREDOLAB connections
According to Trend Micro research, BREDOLAB and ZeuS are individual tools that are freely available in the cybercriminal underground. Their uses complement each other, which is why they’re often seen together. While ZeuS specializes in stealing information from infected systems, BREDOLAB enables cybercriminal organizations to deliver any kind of software to their victims. Once a user’s machine is infected by BREDOLAB, it will receive regular malware updates the same way it receives software updates from the user’s security vendor.
Poor economy fueling ZeuS
The success of ZeuS is partly attributed to cybercriminals’ ability to recruit money mules that move their stolen money around through bogus work-from-home scams. Given the current economic situation in the United States, with millions of people out of work, cybercriminals know they have a high success rate in recruiting accomplices.
Work-from-home recruits are instructed to provide bank account information, which the cybercriminals use to access compromised online bank accounts and to wire money amounting to less than US$10,000 to money mules, indicating that they are fully aware of banking alert limits. The money mules then wire the money back to Eastern Europe.
How can companies protect themselves?
Designed to quietly steal banking information and other sensitive data, the ZeuS botnet can turn itself off to remain undetected. Trend Micro offers the most advanced technology and expertise to immediately eliminate botnet attacks. The Trend Micro(TM) Smart Protection Network(TM) provides instant, real-time protection and is the infrastructure behind Trend Micro products. It correlates more than 20 billion emails, Web sites and files a day, using that data to immediately identify and respond to the latest emerging threats.
Trend Micro Recommends
– Home & Home Office Products: Trend Micro(TM) Internet Security
– Small Business Products: Worry-Free(TM) Business Security Standard/Advanced and Services
– Medium Business/Enterprise: OfficeScan(TM) Client/Server Edition, Threat Management Services, InterScan(TM) Messaging Hosted Security, InterScan(TM) Web Security
ZeuS and other bots now control more than 100 million computers worldwide. If you’re concerned that info-stealing malware is on your network, sign up for a free Security Threat Assessment today.
For the full research report, visit: http://us.trendmicro.com/us/trendwatch/research-and-analysis/white-papers-and-articles/index.html
Trend Micro 2010 Future Threat Report
Virtualization, Cloud-Computing and a Shifting Internet Infrastructure Will Widen the Scope of Cybercrime
Using news headlines and the latest technological trends, cybercriminals are brilliantly agile at exploiting whatever is trendy for cash and profit. Now, the growing popularity of cloud computing and virtualization among companies is likely to catch the attention of criminals scheming for the next hot cyber-swindle.
According to the Trend Micro 2010 Future Threat Report, cloud computing and virtualization — while offering significant benefits and cost-savings — move servers outside the traditional security perimeter and expand the playing field for cybercriminals. The industry already witnessed Danger/Sidekick’s cloud-based server failure that caused major data outages in November 2009, highlighting cloud-computing risks that cybercriminals will likely abuse. Trend Micro believes cybercriminals will either be manipulating the connection to the cloud, or attacking the data center and cloud itself.
The Internet infrastructure is changing, opening more opportunities for cybercrime
The “next-generation” protocol designed by the Internet Engineering Task Force, Internet Protocol version 6 (IPv6), is still in the experimentation stages of replacing the current IPv4, now 20 years old. As users start to explore IPv6, so will cybercriminals, and we can expect to see proof-of-concept elements in IPv6 start to materialize in the upcoming new year. Possible avenues for abuse include new covert channels or C&C. But don’t expect active targeting of IPv6 address space, at least not in the very immediate future.
Domain names are becoming more internationalized, and the introduction of regional top-level domains (Russian, Chinese, and Arabic characters) will create new opportunities to launch age-old attacks through look-alike domains for phishing, using Cyrillic characters in place of similar-looking Latin characters. Trend Micro predicts this will lead to reputation problems and abuse that will challenge security companies.
Social media and social networks will be used by cybercriminals to enter the users’ “circle of trust”
Social engineering will continue to play a big role in the propagation of threats. But given the increasing saturation of social media with content intended to be shared via online social interactions, cybercriminals will definitely try to penetrate and compromise popular communities more than ever in 2010.
Social networks are also ripe venues for stealing personally identifiable information (PII). The quality and quantity of data posted openly by most trusting users on their profile pages, combined with interaction clues, are more than enough for cybercriminals to stage identity thefts and targeted social engineering attacks. The situation will worsen in 2010, with high-profile personalities suffering from online impersonators or stolen bank accounts.
The extinction of global outbreaks, and the growth of localized, targeted attacks
The threat landscape has shifted and we are no longer seeing global outbreaks like Slammer or CodeRed. Even the much covered Conficker incident of 2008 and early 2009 was not a global outbreak by its true definition; rather it was a carefully orchestrated and architected attack. Moving forward, localized and targeted attacks are expected to grow in their number and sophistication.
More key forecasts for 2010 and beyond:
– It’s all about money, so cybercrime will not go away.
– Windows 7 will have an impact since it is less secure than Vista in the default configuration.
– Risk mitigation is not as viable an option anymore, even with alternative browsers/alternative operating systems.
– Malware is changing its shape – every few hours.
– Drive-by infections are the norm – one Web visit is enough to get infected.
– New attack vectors will arise for virtualized/cloud environments.
– Bots can’t be stopped anymore, and will be around forever.
– Company/Social networks will continue to be shaken by data breaches.
Source: Trend Micro Incorporated
Enterprises need more out of web gateway security
Trend Micro reshapes Web gateway security beyond URL filtering and includes a reporting management tool that gives enterprises instant, detailed access to their entire company’s Web activities.
Enterprises are ready for a Web gateway security product that not only prioritizes security, but brings extensive capabilities together in one solution; a security product that effectively manages employees’ Internet use while in the office, but also exceeds basic URL filtering to address zero-hour attacks through Web reputation – all without breaking the bank.
Trend Micro makes this possible with the launch of its Web Gateway Security solution, which integrates the InterScan Web Security Virtual Appliance 5.0 product and the new Advanced Reporting and Management module for a complete solution set that is powered by the Trend Micro(TM) Smart Protection Network(TM) infrastructure, an in-the-cloud source for threat intelligence.
Combined with on-premise, high-performance malware scanning, policy administration, and dynamic reporting, Trend Micro(TM) Web Gateway Security provides the most comprehensive and responsive security solution for the Web gateway, along with the lowest total cost of ownership. It also includes leading antivirus and anti-spyware technologies to clean, delete or quarantine infected content.
Now Organizations Can Answer Difficult Internet-Use Questions: Who?, What?, When?, How? and Where?
The integrated Advanced Reporting and Management module gives customers unprecedented visibility into their entire company’s Web activities, and provides access to real-time information at a very granular level.
The reality is that more and more legitimate Web sites are being hacked; just because it looks safe, doesn’t always mean it is. Employees using the Internet for business, or personal “online errands” such as shopping, banking or social networking while still in the office could be opening doors for cybercriminals determined to steal proprietary data for illegal profits.
For IT managers, this is troublesome. In a recent Trend Micro survey of nearly 200 high-level IT executives, 75 percent of them admitted that they were concerned about unauthorized online activities at work. Nearly 70 percent of them would go as far as prohibiting employees, to an extent, from accessing certain Web sites such as shopping sites and social media sites.
With Advanced Reporting and Management, IT managers gain clarity into employees’ Internet activities through dynamic dashboards, real-time monitoring, forensic-level user activity analysis, and drill-down reporting so that threats are exposed faster, allowing IT to respond more quickly.
They get insight into where malware is coming from, who’s spending large amounts of time browsing non-work related sites (and therefore compromising productivity), when they’re doing it, who’s responsible for slowing down the network as it’s occurring, and much more. And as a software virtual appliance, it fits the growing trend toward standardized hardware and virtualization.
“Our business is 100 percent reliant on the Internet, but with our previous security solutions we could not effectively enforce our company’s Web policies,” said Rudy Dellafiore, IT manager for Bass Underwriters, a leading independent professional services company. “The switch to Trend Micro allowed us to get our employees’ Web behavior under control. We can see what sites are being visited and impose controls that employees cannot circumvent.”
New Features of InterScan Web Security Virtual Appliance 5.0
InterScan Web Security Virtual Appliance delivers comprehensive gateway protection against Web threats by consolidating URL filtering with real-time Web reputation (both of which consistently beat out competitors in independent tests), and powerful content scanning. The solution allows customers to either dedicate their own standardized hardware to the application, or install in a VMware environment with other applications. New features within the latest release include:
– The ability to scan HTTPS traffic and create exception policies based on specific sites or categories of sites to support privacy requirements
– Flexible URL filtering policy engine that supports capabilities such as custom URL categories, exceptions and file type whitelisting.
– Object-level blocking, which secures Web 2.0 Web pages by providing more granular enforcement of policy without blocking the entire page.
– Support for Google and Yahoo!’s SafeSearch feature to prevent inappropriate content from appearing in search results.
– Support for directory-based user identification while deployed in transparent bridge. This deployment mode allows all Internet traffic to be analyzed without having to reconfigure users’ browsers or other network devices in the environment.
“Trend Micro InterScan Web Security Virtual Appliance has greatly reduced our network utilization, from 95 percent down to 35 percent of capacity, because of the effective blocking of access to inappropriate music and video downloading sites,” said Dellafiore.
“Not only are most Web gateway security solutions not doing enough to stop Web threats, they have very high management costs,” said David Lieberman, gateway and collaboration director at Trend Micro. “Trend Micro Web Gateway Security gives customers better protection, more flexibility and lower total costs. Enterprise customers should not have to spend a great deal to receive superior security protection – value and quality ought to go hand in hand.”
North American Pricing & Availability
Trend Micro Web Gateway Security is available immediately. New customers who buy Trend Micro Web Gateway Security get InterScan Web Security Virtual Appliance v5 and the Trend Micro Advanced Reporting and Management together. Existing customers will be able to upgrade to InterScan Web Security Virtual Appliance and/or Advanced Reporting and Management.
Pricing varies by seat count and decreases with volume. For the 2001-5000 seat level, the Trend Micro Web Gateway Security license price for new customers is $17.98 per user, with a 3-year cost of $28.77 per user.
New Trend Micro Consumer Security delivers universal, multi-platform protection
Optimized for Microsoft(TM) Windows(TM) 7, Trend Micro(TM) Internet Security 2010 is the total protection package for consumers everywhere.
In developing its 2010 consumer line, Trend Micro kept in mind that consumers often find security software programs to be tedious to manage and heavy on computer resources. The company unveiled today new versions of its flagship consumer products – Trend Micro(TM) Internet Security and Trend Micro Internet Security Pro, both the first to be optimized for Microsoft(TM) Windows(TM) 7. Now faster and smarter while remaining easy to use, they provide superior protection without draining computer resources.
“We listened to our customers and honed in on convenience, ease-of-use and efficiency. Compared to last year, our new products have a 20-percent reduction in installed file size and scan time,” said Carol Carpenter, general manager of the consumer and small business unit. “Trend Micro Internet Security 2010 is comprehensive security that promises easy, fast and smart protection for consumers who are tired of complicated, cumbersome security packages.”
Smart Security Made Simple
Software security doesn’t have to be complex. Trend Micro Internet Security and Internet Security Pro give consumers the freedom and peace of mind to shop, surf, or bank online without struggling to update or manage their security programs — one of the reasons why many simply opt out of security software completely. But with identity and data theft draining consumers millions of dollars every year, foregoing security software or even settling for free security software can be an expensive risk.
Both products offer unique features that make it effortless for consumers to stay protected. The Home Network Security Management function, for example, allows consumers to see and remotely manage other computers in their home network through a graphical home network map and block wireless network intruders.
Trend Micro has also tried to alleviate the need for consumers to manually adjust their security program. The 2010 products are “state aware,” which means scans and updates happen only when it’s convenient for consumers — no inconvenient in-product messages while they are watching a video, conducting a PowerPoint presentation, or playing a computer game.
The Security Activity Dashboard has also been improved so customers see a comprehensive and customizable snapshot of all the security activities on their computers through streamlined, easy-to-understand charts and graphs. By learning more about when and how their computers can be attacked, customers can surf without worry.
Fast, Ubiquitous Protection
Simplicity joins speed in this year’s consumer line. With cybercriminals moving at unprecedented speed, consumers need their security programs to work even faster. Trend Micro Internet Security and Internet Security Pro are powered by the Trend Micro(TM) Smart Protection Network(TM) infrastructure, which works in the background, correlating threat intelligence, protecting in the Internet cloud, and giving consumers, wherever they are, immediate, real-time protection competitive products don’t offer.
Ubiquitous protection is another must for consumers who travel with their laptops or smartphones and Trend Micro tailors its products for this mobile group. As part of the Trend Micro Internet Security Pro package, consumers also get a license for Mobile Security, which protects smartphones against viruses, spam, data theft, service disruptions and other malware attacks against Microsoft Windows Mobile and Symbian(TM) OS based devices.
Smart, Online Protection – For the Whole Family
Worrying about security software is one thing, but worrying about your child’s online safety is another issue entirely. A recent Trend Micro survey found that parents have a misperception of their kids’ online safety — over 65 percent of parents surveyed believe their kids are safe while using the Internet.
But online dangers are real and can pose serious offline threats. Busy working families with tech-savvy kids can take advantage of the enhanced parental controls found in Trend Micro consumer products; parents can tailor control features according to age and remotely monitor when and what their kids are viewing online. They can control both inbound traffic (by blocking inappropriate Web site content) and outbound traffic (personal information such as home addresses, phone numbers, passwords, etc.) they don’t want to be sent from a computer.
In addition to fast and easy protection for the entire family, Trend Micro Internet Security and Internet Security Pro also include additional enhanced security features that:
- Automatically prevent suspicious software on USB drives from opening and installing itself on the computer.
- Analyze suspicious domain names and block attempts to open potentially dangerous Web sites.
- Rate the safety of hyperlink search results via search engines such as Biglobe(TM) (one of the largest Internet Service Providers in Japan), Infoseek(TM) and Bing(TM) on the Trend Micro Toolbar.
- Include improved correlation via the Trend Micro Smart Protection Network — customers are part of a “neighborhood watch” system of protection that means greater security.
Protection beyond the PC
Trend Micro, through its multi-device “security blanket” strategy for the home, has also extended its protection to the Mac platform, Netbooks, USB drives, Sony PlayStation and Sony Portable, Linksys(TM) by Cisco(TM) routers, and Apple(TM) iPhone.
Pricing & Availability for North America
Trend Micro consumer security suites come in three flavors: Trend Micro Internet Security, Trend Micro Internet Security Pro, and Trend Micro(TM) AntiVirus + AntiSpyware. Trend Micro Internet Security Pro offers additional features that are optimized for performance, laptop usage away from home, and online banking and shopping. For those who want just the basic protection, Trend Micro also offers Trend Micro AntiVirus + AntiSpyware.
The consumer product line will be available online on August 24th at www.trendmicro.com. They will also be in retail stores in August. The subscription prices for one year are $39.95, $49.95 and $69.95, respectively for Trend Micro AntiVirus + AntiSpyware, Trend Micro Internet Security, and Trend Micro Internet Security Pro. Customers who purchase Trend Micro Internet Security or Internet Security Pro are able to install the software on up to three household computers.
Source: Trend Micro
Trend Micro Boosts Worry-Free Security
Safer, smarter, simpler Worry-Free(TM) Business Security version 6.0 is now enhanced with new features powered by the Trend Micro(TM) Smart Protection Network(TM).
Building upon the “Worry-Free” promise it made five years ago to small businesses with little or no IT support, Trend Micro is introducing the latest version of Trend Micro Worry-Free Business Security, now reinforced with unmatched new features that are powered by the Trend Micro Smart Protection Network. This next-generation security infrastructure provides a unique approach to blocking viruses, spyware, spam, and Web threats before they reach business networks.
The Smart Protection Network is at the core of both previous and new technologies integrated with Worry-Free Business Security. With its underpinnings of automatic Web Threat Protection, all-in-one, integrated defense against a variety of threats, and zero administration, Trend Micro Worry-Free Business Security 6.0 has “smart” new features that deliver a smarter and more effective approach than conventional antivirus:
NEW URL Filtering, unique to Trend Micro, helps maintain business productivity and adds another layer of protection against Web threats by proactively blocking inappropriate, risky or non-business related Web sites. Users can configure filter strength, rules, and business/leisure hours.
NEW Smart Protection Network-Powered Smart Scan is a breakthrough approach that provides more effective protection than conventional antivirus. Smart Scan scans faster and updates quicker to detect and remove the increasing number of threats, while minimizing the performance impact to protected computers.
By leveraging Smart Protection Network file reputation technologies, Smart Scan stops threats by storing the majority of detection technologies (up to 80 percent compared with conventional scanning) on the local security server and accessing them as needed. By keeping these technologies off of local PCs and servers, this approach extends the life of hardware and, over time, prevents the slow-down of computers.
NEW Smart Protection Network-Powered Smart Feedback, another technology unique to Trend Micro, simply and automatically feeds back security-related issues and events to Trend Micro, where they are quickly analyzed, and updates are made to rapidly protect all customers. Smart Feedback identifies new threats faster to protect users rapidly. Faster identification and response to new threats means faster protection.
ENHANCED Version of Worry-Free(TM) Remote Manager, Designed for Channel Partners
Just another part of Trend Micro’s portfolio of channel-friendly products and solutions, this enhanced version of Worry-Free Remote Manager provides integrated installation with Worry-Free Business Security 6.0. Worry-Free Remote Manager also supports Trend Micro(TM) InterScan Messaging Hosted Security for stopping spam and other email threats before they reach the network. It allows partners to easily add customers to their console during their initial installation of Worry-Free Business Security. Trend Micro is currently the only security vendor that offers this type of critical tool free of charge to eligible channel solution partners.
“Over the years, we have learned that we can rely on Trend Micro to continually enhance the all-in-one solution, and our business benefits with the latest technologies and performance improvements. We stick with Trend Micro every year because it works!” said Bill Buck, the aerospace engineer who was given responsibility for security at AeroTech Research.
“Small businesses face the same daunting security challenges associated with protecting crucial data from online threats. However they normally don’t have the staff or other resources required to manage complicated security suites,” said Charles Kolodgy, research director of Security Products at IDC. “For security to be effective within a small business environment it needs to be routine, automatic, easy, and painless. Trend Micro has endeavored to achieve those goals with the latest version of Trend Micro Worry Free Business Security.”
Other new features in Worry-Free Business Security 6.0 include:
NEW USB Device Threat Prevention automatically protects PCs and servers from infected USB devices, preventing threats from automatically executing and spreading across business networks. Threats coming from removable media devices such as USB sticks are on the rise, meaning small businesses cannot afford to ignore this potential source of infections.
NEWLY Enhanced Security Dashboard reinforces Trend Micro’s goal of zero-administration solutions for its small business customers. It provides easy, at-a-glance status checking. Users can sort by dashboard traffic lights to quickly understand security status, which minimizes time and energy spent on analyzing computers’ status.
“If small businesses think increasing protection against threats means decreasing computer performance over time, they need to think again,” said Steve Quane, general manager of Trend Micro’s SMB business unit. “Worry-Free Business Security, with features powered by the Trend Micro Smart Protection Network, keeps constantly updated, scans faster while minimizing impact to PCs, and requires minimal user interaction. Trend Micro allows businesses to stop worrying about security so they can focus on their business.”
Mark Muller, a reviewer from Bright Hub who recently tested Worry-Free Business Security 6.0, said, “I deployed and tested WFBS 6.0 in my company’s IT infrastructure and can recommend the product without hesitation: WFBS is easy to deploy and manage and offers industry-leading protection against a broad range of threats. In short, Trend Micro Worry-Free Business Security Advanced 6.0 puts enterprise-class IT security easily within the reach of smaller businesses. Highly recommended!”
Pricing & Availability for North America
Worry-Free Business Security 6.0 is expected to be available for download on May 29. Per user pricing varies by seat count and price decreases with volume. For a 1-year license of Worry-Free Business Security Standard, the 2-25 seat level is $37.75 per user. For a 1-year license of Worry-Free Business Security Advanced, the 2-25 seat level is $62.02 per user. Worry-Free Remote Manager support will be available alongside Worry-Free Business Security 6.0.
Worry-Free Business Security 6.0 also protects businesses running the latest Windows Essential Server Solutions: Microsoft(TM) Small Business Server 2008 (for small businesses with fewer than 75 PCs); and Microsoft Essential Business Server 2008 (for mid-size businesses with fewer than 300 PCs). It also protects Microsoft(TM) Exchange 2007 on Windows(TM) Server 2008 users.

