Viruses, Worms and Other Malware
Article
(33)
-
How to prevent spyware and keyloggers infections
Learn how keyloggers and other spyware infect your system, then strike back with effective defences.
-
How to beat a botnet
What do you do if your organisation is targeted by a botnet that gets through your firewalls and evades your antivirus? Learn how to fight back with this tip.
-
How to stop rogue DHCP server malware
Rogue DHCP server malware adds a new twist to an old idea ... but not so new that you cannot fight back, as explained in this story.
-
Short-lived Web malware: how much of a threat is it?
Malware-laden websites that only exist for a few days are a new tactic favored by criminals. Learn how they operate and how to fight back in this tip.
-
How to detect keyloggers
Learn how to detect keyloggers and the rootkits that enable them.
-
Is it possible to un-install a rootkit?
Rootkits are particularly nasty malware. Here's how to fight back.
-
Seven desktop security suites reviewed
This massive review of desktop security software compares CA Threat Manager 8.1 and Host-Based Intrusion Prevention System 8; eEye Digital Security Blink Enterprise Edition; IBM ISS Proventia Desktop Endpoint Security 9.0; McAfee Total Protection for Enterprise; Sophos Endpoint Security and Control 7.0; Symantec Endpoint Protection 11.0 and Trend Micro OfficeScan 8.0.
-
Malware targets latest MSFT flaw
The vulnerability recently patched by Microsoft has been targeted by a new piece of malware.
-
First Internet worm turns 20
The Morris worm turned twenty this week. What have we learned since this first Internet attack, and the eerily accurate analysis of future security risks it provoked?
-
Why bother scanning for viruses in XP's normal mode?
For detection, it is great to have antivirus in an enterprise environment running at regularly scheduled times, but it is not the only vector that should be used to identify malware. John Strand reveals some of the others.
-
Problems with anti-virus whitelisting
In this week's edition of Risky Business, our weekly security podcast, Patrick Gray files from Kaspersky's partner conference in St Petersburg and learns about issues with whitelists.
-
Trace Malware's steps with RE:Trace
Former Black Hat Noah Schiffman explains how to track, trace and (hopefully) squash malware.
-
How botnets like Storm and Nugache work (and what you can do to defeat them)
Researchers explain that the Storm trojan and other P2P threats are not getting any easier to manage. In fact, the folks behind this malware are smart and are making it harder to defend against their wares.
-
"Kraken" botnet gathers 100,000 new members
A botnet called "Kraken" has overtaken the network created by the Storm trojan and is now considered one of the worst sources of Spam on the Net.
-
Service Provider special: How to make sure your customers' anti-virus works
If you're a security services provider, this checklist will ensure your clients' anti-virus software is up to date - and might send a little more revenue your way!
-
Antivirus passes opera's audition
Opera Australia was having virus and malware problems - until they adopted a new system!
-
Don't remove malware - prevent it!
Getting rid of malware is a tough task - so why not prevent it instead, using the approaches outlined in this article!
-
How to move on malware
Removing malware is a tricky task, but Benjamin Vigil has some ways to tackle the threat.
-
Storm, Nugache lead dangerous new botnet barrage
A new breed of malicious software is spreading on the Web. It's engineered to change on the fly, adapt to its environment and evade traditional defences.
-
Using virtual honeypots to track botnets Part 4: Defending against bots
Learn how to take action against bots, once you've identified them.
-
Experts predict Storm Trojan's reign to continue
While estimates of the Storm Trojan's size and scope vary, security researchers say the Storm's grip is here to stay.
-
SSCP Domain 7: Malicious code -- Blocking file extensions
Blocking the file extensions outlined in this book excerpt will help protect customers' systems from malware.
-
When signature based antivirus isn't enough
Zero-day exploits, targeted attacks and increasing demands for endpoint application controls are driving the rapid metamorphosis from signature-based antivirus and antispyware to HIPS-based integrated products.
-
New security vendors take on sophisticated attackers
Some security vendors are developing technologies that show promise in preventing unknown attacks and protecting machines with zero-day vulnerabilities.
-
Storm worm keeps spreading
Update: A Trojan that first exploited concerns about a storm that battered Europe last week has broken into new variants with new techniques and a wider range of fake headlines.
-
Check Point to acquire NFR Security
In other news: New flaws affect Microsoft, McAfee and Yahoo Messenger, while Trend Micro discovers a so-called Vista zero-day flaw on sale for $50,000 a sample.
-
Review: Prevx1 not ready for prime time
Prevx1 will require significant improvement in management and detection capabilities before it can be considered a serious contender for enterprise deployments.
-
New exploits target Microsoft PowerPoint, IE
Microsoft may have patched the VML flaw in Internet Explorer, but now it faces new threats against the Web browser and PowerPoint.
-
Stration worm targets Windows machines
The worm uses several fake email messages, including one claiming to be a security update. Users are advised to avoid unsolicited email attachments.
-
Mocbot update targets MS06-040 flaw
Security experts raised the red flag Sunday as new malware targets the Windows flaw addressed in the MS06-040 patch. Attackers are using the flaw to expand IRC-controlled botnets.
-
Microsoft Excel zero-day flaw discovered
Attackers could exploit the Excel zero-day flaw to launch malicious code. Security experts say users should beware of emails with Excel file attachments.
-
A Business Guide to Information Security: Threats and Compliance
In this excerpt from Chapter 1 of A Business Guide to Information Security, author Alan Calder identifies six future risks to information security and explains how they will affect individuals and organizations.
-
Czech your users, says A-V firm
Technology only contributes 30% to solving security problems, according to the Global Security Strategist for Czech anti-virus software vendor Grisoft.
News
(9)
-
Zeus Trojan evades AV software, draws 74,000 PCs into botnet
Researchers at NetWitness say the Zeus Trojan is responsible for a newly-found cache containing stolen personal information and warn that antivirus software is not adept at stopping new variations of the malware.
-
Conficker botnet reaches 7 million machines
Despite inactivity, the number of bots created by the fast spreading Conficker/Downadup worm is in the millions, according to the Shadowserver Foundation, which monitors botnets.
-
Microsoft releases free antivirus software
Microsoft has released Security Essentials, a free program suited to those who need lightweight antivirus protection.
-
AusCERT finds malware pre-installed on HP USB keys
AusCERT has found malware pre-installed on USB keys that ship with some HP ProLiant servers.
-
Fake Microsoft patch on the loose
An email advising of a new Microsoft patch is, in fact, a fake.
-
Trojan toolkit infected 10,000 Web sites in December
Attackers infected at least 10,000 trusted Web sites with malware last month using the Random.JS Trojan toolkit.
-
New rootkit threatens Windows users
A rootkit discovered in the wild has silently infected about 5,000 victims' machines, according to a warning issued by Symantec security researchers.
-
'Worm' targets Sun Solaris Telnet flaw
Security researchers have found evidence that a worm is trying to exploit the recently patched Telnet flaw in Sun Solaris. Experts say it's another reason to stay away from Telnet.
-
Security Bytes: Phishing worm spreads through MySpace
In other news: Security researchers warn of a new flaw in Microsoft Windows and EveryDNS is hit by a massive botnet attack.
Tips
(19)
-
The downside of cloud-based antivirus
Although cloud-based antivirus can supply better protection than regular antivirus, it introduces a few problems for administrators.
-
How to tell if you've been infected by a P2P botnet
Think there could be a peer-to-peer botnet on your system? Here's how to be sure.
-
Researcher disinfects multimedia Trojans
A security researcher developed a tool to cure Windows Media audio and video files infected with GetCodec Trojans, a form of media-based malware.
-
How to survive ransomware attacks that use advanced encryption algorithms
Ransomware is the latest malware threat and involves your data being encrypted by cyber-criminals, who then demand payment to decrypt it. Here's how to spoil their fun!
-
How to stop malware in its tracks
Expert Lenny Zeltser offers a malware-defence blueprint every enterprise can follow, plus plenty of free tools to help along the way.
-
PatchGuard defends against rootkits in Windows Vista
Learn about PatchGuard, a new feature in Windows Vista, and Kernel Patch Protection, both of which defend against kernel hooking and rootkit infection.
-
Thinking fast-flux: New bait for advanced phishing tactics
Ed Skoudis reviews fast-flux botnet tactics and explains how to conduct an investigation of the advanced phishing technique.
-
Determining the proper Microsoft malware removal tool
Learn the difference between antispyware and antivirus tools to determine which malware removal tool your Windows machine needs.
-
Shining a spotlight on rootkits
Scott Sidel discusses rootkit attacks, and unveils several free software tools that can help to assist security professionals in the rootkit detection process.
-
Metamorphic malware sets new standard in antivirus evasion
Mutating computer viruses have been around for some time, but one type of malware possesses the ability to constantly rewrite its own code to successfully evade the most sophisticated antivirus systems. Noah Schiffman explains how metamorphic malware works, how it differs from polymorphic malware and the best defence strategy for enterprises.
-
Free ClamAV clamps down on e-mail security
In this monthly Downloads column, contributing editor Scott Sidel examines Clam AntiVirus, an open source antivirus toolkit for Unix, specializing in email scanning on mail gateways.
-
Polymorphic viruses call for new antimalware defenses
Attackers are always looking for innovative ways to dodge antivirus software, and many of the bad guys are now creating polymorphic code to do just that. But it's not just the malware writers who are raising the bar. In this tip from our Ask the Experts section, contributor Ed Skoudis explains how antimalware vendors are responding to this emerging threat.
-
How well does virtualization technology defend against malware?
Virtualization products can protect your host operating system from malware, but their detection methods aren't foolproof. In this expert Q&A, information security threats expert Ed Skoudis explains how malware and its writers are catching on to VMware.
-
What are polymorphic viruses?
Polymorphic viruses are built to dodge signature-based detection technologies. In this expert Q&A, Ed Skoudis examines the morphing malware and reveals which defenses are keeping up with the threat.
-
Can rootkit detection mechanisms stop the Blue Pill?
At Black Hat 2006, researcher Joanna Rutkowska unveiled a piece of machine-based malware called the Blue Pill. But is it a serious threat to your operating system? Ed Skoudis explains in this expert Q&A.
-
How can I prevent an FU rootkit from spreading throughout a network?
Information security threats expert, Ed Skoudis, explains the best way to stop an FU rootkit outbreak. Learn how to clean up your infected machine and prevent the malware from spreading across your network.
-
Are there any Trojans or malware that target Blackberries?
Use a Blackberry? In this information security threats Ask the Expert Q&A, Ed Skoudis examines what, if any, attacks threaten the stability of its environment.
-
How to perform an email scan to protect against viruses
Scanning your email for viruses before it reaches your Exchange Server can prevent the spread of viruses. In this application security Ask the Expert Q&A, SearchSecurity's expert explains how to perform an effective email scan.
-
Is it a common practice to deny/filter e-mails that contain files with macros?
In this Ask the Expert Q&A, resident network security expert Mike Chapple discusses whether it is a common practice to deny/filter e-mails that contain files with macros.
Case Study
(1)
-
Wattyl you do about security?
Paintmaker Wattyl upgraded its anti-virus software and now manages more than 1000 endpoints in accordance with centralised policies.
General Content
(5)
-
Threats to physical security
This is tip No. 6 in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book "The Shortcut Guide to Protecting Business Internet Usage" published by Realtimepublishers.
-
Social engineering
The fifth tip in our series "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book "The Shortcut Guide to Protecting Business Internet Usage," published by Realtimepublishers.
-
Network-based attacks
The second tip in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book The Shortcut Guide to Protecting Business Internet Usage published by Realtimepublishers.
-
Balancing the cost and benefits of countermeasures
The final tip in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book "The Shortcut Guide to Protecting Business Internet Usage" published by Realtimepublishers.
-
Malware: The ever-evolving threat
The first tip in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book The Shortcut Guide to Protecting Business Internet Usage published by Realtimepublishers.
© 2010 TechTarget ANZ. All Rights Reserved. Designated trademarks and brands are the property of their respective owners. Use of this website constitutes acceptance of the TechTarget ANZ Terms and Conditions and Privacy Policy.