With this in mind, AVG Technologies are offering AVG LinkScanner as a free download for Mac OS X, which scans links on websites for potential threats. If a website is clean, you’ll see a simple green tick next to the link. If the site is regarded as a threat by the scanner, you’ll see a red cross and be warned not to visit it.

The great thing about AVG LinkScanner is the simplicity. You don’t have to take it upon yourself to scan content, as it’s done automatically in the background before you click on the link. That way, you know about a potential threat without having to witness it first hand, unlike so many people browsing the web today.

Research conducted by AVG has determined that “99 per cent of all malicious threats are delivered through the web and cannot be stopped with traditional anti-virus software”. This shows how much malware can be prevented from entering a system without the use of anti-virus software. LinkScanner is the first application of its kind for Mac OS X, and certainly goes a long way to improve security.

Read full story

Both versions outsource, in effect, most of the processing required to identify malicious software to the cloud, by calling an online database run by Panda, which stores all of the firm’s virus, worm, malware and Trojan signatures. Only a subset of these signatures get downloaded to or stored on an individual PC.One benefit of outsourcing virus scanning to the cloud is that it’s scalable, especially as many malware writers imbue their attack codes with the ability to change slightly each time they’re used, the better to evade antivirus scanners. “The number of malware variants is growing exponentially while the number of computers infected by each sample is decreasing,” according to the Panda Web site. “The gap between created and detected malware keeps increasing.”

Read full story

However, the attack has serious limitations, including the requirement that the attacker must already have the ability to execute code on a system, Matousec acknowledged. That means the method would have to be used in combination with another attack vector, or employed by an attacker with local access to a system.

The method, called an argument-switch attack, can be used against Windows security programs that use a technique called System Service Descriptor Table (SSDT) hooking. All of the 35 applications tested by Matousec featured this technique, including products from BitDefender, F-Secure, Kaspersky and Sophos, as well as McAfee and Trend Micro.

“We tested the most widely used security applications and found out that all of them are vulnerable,” Matousec said in a paper outlining its research, published on Wednesday. “Today’s most popular security solutions simply do not work.”

SSDT hooking is used by many — though not all — antivirus programs as part of their mechanism for detecting and blocking attacks already running on the system. The technique involves modifying the contents of the SSDT. The company’s research focused on kernel-mode hooks, though the attack is also effective against user-mode hooks, Matousec said.

Read full story

However, the attack has serious limitations, including the requirement that the attacker must already have the ability to execute code on a system, Matousec acknowledged. That means the method would have to be used in combination with another attack vector, or employed by an attacker with local access to a system.

The method, called an argument-switch attack, can be used against Windows security programs that use a technique called System Service Descriptor Table (SSDT) hooking. All of the 35 applications tested by Matousec featured this technique, including products from BitDefender, F-Secure, Kaspersky and Sophos, as well as McAfee and Trend Micro.

“We tested the most widely used security applications and found out that all of them are vulnerable,” Matousec said in a paper outlining its research, published on Wednesday. “Today’s most popular security solutions simply do not work.”

SSDT hooking is used by many — though not all — antivirus programs as part of their mechanism for detecting and blocking attacks already running on the system. The technique involves modifying the contents of the SSDT. The company’s research focused on kernel-mode hooks, though the attack is also effective against user-mode hooks, Matousec said.

Read full story

McAfee initially tried to downplay the issue, claiming only “moderate to significant” issues on affected machines, and that the default configuration of its software was harmless. “Not booting properly and being useless for real work” strikes us as somewhat worse than “moderate to significant,” and there are many reports from people saying that McAfee is wrong about the default configuration (the situation seems unclear, but it looks like upgrades and certain patches can result in a different “default”—one that isn’t safe). As if that was any consolation—none of the settings should result in machines getting broken. Ultimately, such quibbling is irrelevant: tens or hundreds of thousands of machines were disabled by the virus update.

Eventually, McAfee did issue a statement that was suitably apologetic. And Monday, the company offered home users who were affected by the problem two years of free updates plus compensation for any costs incurred (business users are offered nothing more than an apology). What was missing was any credible explanation of why it happened, and how it would be prevented in the future.

One rather depressing hint was given in an early revision of a FAQ the company published about the problem. The document has been sanitized, but the relevant portion can be found at ZDNet:

9. What is McAfee going to do to ensure this does not repeat?

McAfee is currently conducting an exhaustive audit of internal processes associated with DAT creation and Quality Assurance. In the immediate term McAfee will do the following to provide mitigation from false detections:

1. Strict enforcement of rules and processes regarding DAT creation and Quality Assurance.
2. Addition of the missing Operating Systems and Product configurations.
3. Leveraging of cloud based technologies for false remediation.
4. A revision of Risk Assessment criteria is underway

Read full story

Security and Compliance Officer for Information Technology Systems Thomas Ritter said Sophos will extend anti-virus protection to the offices and homes of the MSU community.

“This is essentially a license that allows everyone in the MSU community who’s currently a student or a staff member to have virus protection both at work and at home,” Ritter said. “And this is replacing the existing license we had through Symantec.”

Director of User Services for ITS Stephen Parrott said the virus-type threats, which MSU sees, have changed over the past few years.

“We are seeing an awful lot of new threats, new viruses and very targeted types of things, and frankly, the Symantec didn’t seem to be doing as good of a job as some other tools on the market,” Parrott said. “So when feedback came back from students and feedback came back from our desktop support people that Symantec wasn’t finding the viruses we were seeing, we wanted to change to something different.”

Parrott said ITS has not only seen a rise in viruses which can damage computers, but ITS has also seen a rise in crimeware, viruses used to commit crimes

“One thing we saw was people saying ‘you said my machine was infected and I scanned it with Symantec and I didn’t find anything,’” he said. “Well that is really discouraging to us, so that is one of the reasons we looked at this.”

Ritter said Symantec was not responding to new threats which have come out like ITS would have liked.

“We actually talked about it last year… we just didn’t have the time to get the contract in place,” Ritter said. “So we actually talked to Symantec, nothing was really done; we told them our concerns and it actually got worse.”

Read full story

When Pavel Baudis wrote his original anti-virus software in 1988, he had no idea that 22 years later, his company (ALWIL software) would be servicing over one hundred million users. Co-founder and resident expert on malware and computer viruses, Baudis was inspired to write the software after he found a virus on a floppy disk. “Once I found the virus and analysed it, I had to wait half a year for the next one to surface”, he laughs. How times have changed.

“A lot of anti-virus vendors have routes back to the late ‘80s, early ‘90s. Problems started to surface, and naturally, so did solutions. Eugene Kaspersky emerged in the market shortly after us”, Baudis remembers. Whilst Kaspersky and ALWIL software (best known for producing Avast!) may have had similar beginnings, they have since taken very different routes.

So what’s the logic behind the free anti-virus model? “Of course, a small amount of our customers will upgrade to our paid premium product, but we value our free community extremely. They do our advertising and marketing for us”, explains CEO Steckler.

Read full story

Then the Internet happened, the browser became the dominant application, and websites emerged as a major means of distributing what became known more generically as ‘malware’. Malware included old-fashioned viruses, but also mass-distribution worms, Trojans (a major new class of program), and a cluster of applications designated as ‘spyware’.

Suddenly, the threat wasn’t just good coding it was bad coding too, with the industrialisation of malware that could exploit software vulnerabilities in the OS, in apps, and especially in browsers and browser plug-ins.

Read full story

According to the lawsuit, filed March 10 in New York federal court, Kenneth Elan of Port Washington, N.Y., was charged $78.85 in April 2009 for a renewal to his copy of McAfee Security Center Antivirus. Elan claimed that he had not consented to the automatic billing.

“The language of the automatic renewal provision states that automatic renewal is an option of the purchaser,” the lawsuit stated, referring to a section of the McAfee end-user licensing agreement (EULA). “[But] despite McAfee’s representation, enrollment in the automatic renewal is compulsory with purchase of McAfee’s software. Purchasers are not given the option to decide if they want an automatically renewing subscription for the software they are purchasing.”

Like most security software, McAfee’s typically comes with a one-year license, which includes a subscription to new malware signature updates. When that initial signature subscription expires, customers must renew to continue to receive updates that will recognize new threats.

Read full story

Of late, specialists at CA noticed ‘Dr. Guard,’ a software-cracking program. This program includes a fake anti-malware application. When run, the packaged rogue application identified as Win32/Multidropper runs the cracking program as well as plants additional malware onto the user’s computer. These additional malware are information stealers, file installers or a FAKEAV. CA detected Dr. Guard as Win32/WindowsAntivirusPro! Generic.

Moreover, Dr. Guard represents the family of fresh bogus security applications that have been converted into ransomware before letting loose. Once the malware is loaded to an end-user’s computer, it will continuously generate alert pop-ups and steal access to the supposedly highly contaminated system. Further the alerts prompt the user to purchase so-called anti-virus software (complete edition) if he wants to clean his system.

Read full story