Sunday, December 15, 2019

Get Into the Zone

August 12, 2014 by  
Filed under Featured

Malware. An odd sounding word created to lump all malicious software programs, including viruses, worms, trojans, spyware, adware, and other malevolent codes into one cause-your-computer-serious-hurt category.

In 2005, Computer Economics released a report on malware. The good news was that for the first time since 2002, the total worldwide financial losses from malware actually declined to a mere $14.2 billion. The bad news was that the nature of malware was changing from overt threats to more focused, covert attacks. This definitely is not great news for the average computer user just trying to keep up with the hundreds of malware programs that bombard us daily.

It’s not an easy task keeping malware out of your computer system. In order to accomplish this, you need a strong antivirus program. One such program that can deliver the goods is ZoneAlarm Internet Security Suite 6 from Zone Labs. Zone Labs is one of the most trusted brands in Internet Security for good reason. Their product, simply put, kicks serious malware gluteus maximus.

ZoneAlarm has received more review recommendations that any other Internet-security software suite because of its superb firewall and antivirus protection. It blocks pop-up ads, protects against identify theft and provides adequate spam filters that are flexible. It even beats the market leader, Norton Internet Security, which is often criticized for excessive system drag.

Its newest version includes these additional features:

1 Triple Defense Firewall to prevent spyware from sending your information across the Internet. It also makes your computer invisible to anyone on the Net.
2 Smart Defense Advisor which can automatically adjust your security settings for maximum protection against the latest virus and spyware outbreaks.
3 Advanced Identify and Privacy Protection to prevent your personal data from leaving your computer without your approval.

The bonus for the average user who cringes at the idea of setting-up one of these systems is that the interface is easier to understand and use in comparison to most if its competitors. If you choose to venture beyond the out-of-the-box default settings, and install a more elaborate filtering, know that this will require some additional time to set up on your part.

Overall, ZoneAlarm Internet Security Suite is a user-friendly, comprehensive security solution that will have your computer safe from Internet hazards and cyber criminals within minutes of installation.

Why Do I Feel Like Somebody’s Watching Me?

August 12, 2014 by  
Filed under Featured

Spyware is one of the fastest-growing internet threats. According to the National Cyber Security Alliance, spyware infects more than 90% of all PCs today. These unobtrusive, malicious programs are designed to silently bypass firewalls and anti-virus software without the user’s knowledge. Once embedded in a computer, it can wreak havoc on the system’s performance while gathering your personal information. Fortunately, unlike viruses and worms, spyware programs do not usually self-replicate.

Where does it come from?
Typically, spyware originates in three ways. The first and most common way is when the user installs it. In this scenario, spyware is embedded, attached, or bundled with a freeware or shareware program without the user’s knowledge. The user downloads the program to their computer. Once downloaded, the spyware program goes to work collecting data for the spyware author’s personal use or to sell to a third-party. Beware of many P2P file-sharing programs. They are notorious for downloads that posses spyware programs.

The user of a downloadable program should pay extra attention to the accompanying licensing agreement. Often the software publisher will warn the user that a spyware program will be installed along with the requested program. Unfortunately, we do not always take the time to read the fine print. Some agreements may provide special “opt-out” boxes that the user can click to stop the spyware from being included in the download. Be sure to review the document before signing off on the download.

Another way that spyware can access your computer is by tricking you into manipulating the security features designed to prevent any unwanted installations. The Internet Explorer Web browser was designed not to allow websites to start any unwanted downloads. That is why the user has to initiate a download by clicking on a link. These links can prove deceptive. For example, a pop-up modeled after a standard Windows dialog box, may appear on your screen. The message may ask you if you would like to optimize your internet access. It provides yes or no answer buttons, but, no matter which button you push, a download containing the spyware program will commence. Newer versions of Internet Explorer are now making this spyware pathway a little more difficult.

Finally, some spyware applications infect a system by attacking security holes in the Web browser or other software. When the user navigates a webpage controlled by a spyware author, the page contains code designed to attack the browser, and force the installation of the spyware program.

What can spyware programs do?

Spyware programs can accomplish a multitude of malicious tasks. Some of their deeds are simply annoying for the user; others can become downright aggressive in nature.

Spyware can:
1 Monitor your keystrokes for reporting purposes.
2 Scan files located on your hard drive.
3 Snoop through applications on our desktop.
4 Install other spyware programs into your computer.
5 Read your cookies.
6 Steal credit card numbers, passwords, and other personal information.
7 Change the default settings on your home page web browser.
8 Mutate into a second generation of spyware thus making it more difficult to eradicate.
9 Cause your computer to run slower.
10 Deliver annoying pop up advertisements.
11 Add advertising links to web pages for which the author does not get paid. Instead, payment is directed to the spyware programmer that changed the original affiliate’s settings.
12 Provide the user with no uninstall option and places itself in unexpected or hidden places within your computer making it difficult to remove.

Spyware Examples
Here are a few examples of commonly seen spyware programs. Please note that while researchers will often give names to spyware programs, they may not match the names the spyware-writers use.

CoolWebSearch, a group of programs, that install through “holes” found in Internet Explorer. These programs direct traffic to advertisements on Web sites including coolwebsearch.com. This spyware nuisance displays pop-up ads, rewrites search engine results, and alters the computer host file to direct the Domain Name System (DNS) to lookup preselected sites.
Internet Optimizer (a/k/a DyFuCa), likes to redirect Internet Explorer error pages to advertisements. When the user follows the broken link or enters an erroneous URL, a page of advertisements pop up.
180 Solutions reports extensive information to advertisers about the Web sites which you visit. It also alters HTTP requests for affiliate advertisements linked from a Web site. Therefore the 180 Solutions Company makes an unearned profit off of the click through advertisements they’ve altered.
HuntBar (a/k/a WinTools) or Adware.Websearch, is distributed by Traffic Syndicate and is installed by ActiveX drive-by downloading at affiliate websites or by advertisements displayed by other spyware programs. It’s a prime example of how spyware can install more spyware. These programs will add toolbars to Internet Explorer, track Web browsing behavior, and display advertisements.

How can I prevent spyware?
There are a couple things you can do to prevent spyware from infecting your computer system. First, invest in a reliable commercial anti-spyware program. There are several currently on the market including stand alone software packages such as Lavasoft’s Ad-Aware or Windows Antispyware. Other options provide the anti-spyware software as part of an anti-virus package. This type of option is offered by companies such as Sophos, Symantec, and McAfee. Anti-spyware programs can combat spyware by providing real-time protection, scanning, and removal of any found spyware software. As with most programs, update your anti virus software frequently.

As discussed, the Internet Explorer (IE) is often a contributor to the spyware problem because spyware programs like to attach themselves to its functionality. Spyware enjoys penetrating the IE’s weaknesses. Because of this, many users have switched to non-IE browsers. However, if you prefer to stick with Internet Explorer, be sure to update the security patches regularly, and only download programs from reputable sources. This will help reduce your chances of a spyware infiltration.
.
And, when all else fails?
Finally, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.

Who are the Players in the Antivirus Industry?

August 12, 2014 by  
Filed under Featured

Everyone in the United States has heard of the leading antivirus vendors Symantec, Mcafee, Computer Associates, and Trend Micro. These companies have market-leading presence in the United States. Microsoft, as well, has plans become a key player in this market. Microsoft acquired intellectual property and technology from GeCad software in 2003, a company based in Bucharest, Romania. They also acquired Pelican Software, which had a behavior based security as well as Giant Company Software for spyware and Sybari Software, which manages virus, spam, and phishing filtering.

A lot of discussion has centered on whether Microsoft with come to own a dominant position in the antivirus market by simply bundling its technologies with its operating systems at no charge. This is a similar technique applied in other markets such as word processing and Internet browsers.

Of course there are a number of antivirus vendors who also play in this market. There are many companies with great market presence in other countries that are beginning to become more widely known. These vendors include GriSoft out of the Czech Republic, Sophos in the united Kingdom, Panda Software out of Spain, Kaspersky in Russia, SoftWin in Romania, F-Secure in Finland, Norman in Norway, Arcabit in Poland, VirusBuster out of Hungary, and AhnLab in South Korea.

It is not clear where the industry is heading and everyone in this market faces a rapidly changing landscape. The amount of effort to find and provide fixes for viruses is staggering. Malicious programs are getting more complex and the number of them is increasing. Many companies may find themselves without the resources to match the efforts of those truly bent on creating havoc. Some virus companies are getting of hundreds of new samples a day! Moreover, the new viruses are getting “smarter” in that they propagate themselves quickly and they often hide themselves and are smart enough to move around in a system by renaming themselves in an effort to make it hard to remove them.

What the Heck are Botnets?

August 12, 2014 by  
Filed under Featured

“A botnet is comparable to compulsory military service for windows boxes” – Stromberg (http://project.honeynet.org/papers/bots/)

Botnets are networks of computers that hackers have infected and grouped together under their control to propagate viruses, send illegal spam, and carry out attacks that cause web sites to crash.

What makes botnets exceedingly bad is the difficulty in tracing them back to their creators as well as the ever-increasing use of them in extortion schemes. How are they used in extortion schemes? Imagine someone sending you messages to either pay up or see your web site crash. This scenario is starting to replay itself over and over again.

Botnets can consist of thousands of compromised machines. With such a large network, botnets can use Distributed denial-of-service (DDoS) as a method to cause mayhem and chaos. For example a small botnet with only 500 bots can bring corporate web sites to there knees by using the combined bandwidth of all the computers to overwhelm corporate systems and thereby cause the web site to appear offline.

Jeremy Kirk, IDG News Service on January 19, 2006, quotes Kevin Hogan, senior manager for Symantec Security Response, in his article “Botnets shrinking in size, harder to trace”, Hogan says “extortion schemes have emerged backed by the muscle of botnets, and hackers are also renting the use of armadas of computers for illegal purposes through advertisements on the Web.”

One well-known technique to combat botnets is a honeypot. Honeypots help discover how attackers infiltrate systems. A Honeypot is essentially a set of resources that one intends to be compromised in order to study how the hackers break the system. Unpatched Windows 2000 or XP machines make great honeypots given the ease with which one can take over such systems.

A great site to read up on this topic more is The Honeynet Project (http://project.honeynet.org) which describes its own site’s objective as “To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned.”