Showing posts sorted by relevance for query Bitdefender.

Bitdefender Total Security 2012


Bitdefender has updated its suites for the coming year, and it says it has done it in part by adopting a bit of Romanian lore. Although, to be honest, it may also sound familiar to fans of George R.R. Martin's Game of Thrones series. Available exclusively today from CNET Download.com, Bitdefender Total Security 2012 (download), Bitdefender Internet Security 2012 (download), and Bitdefender Antivirus Plus 2012 (download) were improved in part by taking on the "philosophy based on mythical wolf-dragon from Romania," said Matt Hicks, the company's global public relations manager. The wolf-dragon, he said, is supposed to represent security and alertness. 
Whatever the impetus behind the redesign of the suites, there's no doubt that they include a number of notable improvements. A revamped interface has given the suites a cleaner design that feels lighter and easier to use, while retaining its modularity. The virus-detection engine has been improved to look at processes while they are running, while Bitdefender's own processes were moved to the kernel to make it more difficult for threats to circumvent the suite. In turn, this has reduced the suite's impact on system resources, according to Catalin Cosoi, Bitdefender's head of Online Threats Lab.
The browser add-on for Firefox and Internet Explorer has been wisely done away with, replaced by a make-agnostic module that will protect you across all five major browsers by scanning Web traffic before it reaches the browser. A new autopilot feature has been added to create a completely silent security experience. It's similar to Bitdefender's competitors' "silent" or "gaming" mode, although it does a bit more than just silencing security pop-up alerts. It also makes some changes to the program's settings and to how it deals with threats, and it is on by default in Bitdefender. Meanwhile, a vulnerability scanner will check your computer for outdated programs, drivers, and patches, and recommend solutions.
The Bitdefender Safego tool has been integrated into the suite, too. It performs link scanning for Facebook, with plans to include Twitter support soon. On Facebook, it will scan your news and wall feeds. It's also available for free to all Facebook users, and the company's Android app remains free to use for all, as well.
The rescue mode changes are extremely useful. If threats like rootkits can't be removed easily, the computer is rebooted into rescue mode. Florin Virlan, Software Engineering Director, said that Bitdefender's rescue mode differs from competitors because it creates a "self-contained Linux OS, contained in one encrypted file on your PC," that the rescue mode boots into. It also adds Linux as an option to your boot BIOS. 
The Safebox feature, which automatically backs up your files to a remote server when changes have been detected, will now sync files across multiple computers when they are running Bitdefender. Notably, Safebox is the only new or improved feature that only comes in Bitdefender Total Security 2012. The other improvements have been made across all three suites.
One thing to watch out for is that Bitdefender does not play well with any other security program, even the ones designed to work as complements to security suites like Malwarebytes. Come back to Download.com later today to read full reviews of Bitdefender's 2012 suites. 

-News Source (CNET)


Flame -The "Super Spy" Even On Offline Computers Turning Users into Data Mules


The program known as Flame has fascinated the cyber-security industry with its sophistication and versatility as a Swiss-Army knife of cyber-spying. Now researchers have discovered another unexpected tool in its data-stealing arsenal: You.
Malware analysts at the security firm Bitdefender say they’ve found a unique capability within Flame’s code that would potentially allow it to steal data even from computers that aren’t connected to the Internet or to other networked machines. Instead of simply uploading stolen data to a remote server as traditional spyware does, Flame can also move the target information–along with a copy of itself–onto a USB memory stick plugged into an infected machine, wait for an unwitting user to plug that storage device into an Internet-connected PC, infect the networked machine, copy the target data from the USB drive to the networked computer and finally siphon it to a faraway server.
Spreading itself over an infected USB device is hardly a new trick for malware. But Bitdefender’s researchers say they’ve never before seen a cyberespionage program that can also move its stolen digital booty onto the USB stick of an oblivious user and patiently wait for the opportunity to upload it to the malware’s controllers.
“It turns users into data mules,” says Bitdefender senior malware analyst Bogdan Botezatu. “Chances are, at some point, a user with an infected flash drive will plug it into a secure computer in a contained environment, and Flame will carry the target’s information from the protected environment to the outside world…It uses its ability to infect to ensure an escape route for the data. This is somewhat revolutionary for a piece of malware.”
Flame was designed to use the same .lnk autorun vulnerability first exploited by the NSA-built Stuxnet malware to invisibly install itself on USB devices. To hide its trove of stolen data on the user’s device, Flame copies both itself and its data to a folder labelled with a single “.” symbol, which Windows fails to interpret as a folder name and thus renders as invisible to the user. “What we have here is a little hack/exploit performed on how the operating system is interpreting file names,” Bitdefender’s researchers wrote in a blog post on Flame last week.
When an infected USB is plugged into a networked machine, Flame checks that it can contact its command and control server through that computer. Then it moves its target data off the USB to the PC, compresses it, and sends it to the remote server via HTTPS, according to Bitdefender’s analysis. The researchers found that while Flame is capable of infecting networked PCs for the purpose of exfiltrating its data, the version they analyzed had rendered that infection capability inactive, perhaps to avoid the spyware spreading too far, so that only PCs already infected with Flame would be capable of acting as gateways back to the malware controller’s server. The fact that the spyware’s infection technique was turned off may be evidence that the “data mule” in the Flame operation may in fact have been aware of his or her role as a data smuggler.


Regardless, Botezatu says Flame’s USB-piggybacking trick fits with its profile as a highly sophisticated spying tool meant to steal a target’s most protected secrets–not just another cybercriminal keylogger designed to catch credit card numbers. “Most of the infrastructure it targets is highly contained, often without Internet access,” says Botezatu. “It’s natural for Flame to have a mechanism for moving data from one environment to another that doesn’t rely on Internet or network communications.”

-Source (Forbes)







0-Day Vulnerability in Yahoo Messenger, An Attacker Can Change The Status Update Remotely


A zero-day exploit has been found in Yahoo Messenger that allows attackers to change the status update remotely. Version 11.x of the Messenger client (including the freshly released 11.5.0.152-us) is affected by this 0-day vulnerability. The status message change occurs when an attacker simulates sending a file to a user. This action manipulates the $InlineAction parameter (responsible for the way the Messenger form displays the prompt to accept or deny the transfer) in order to load an iFrame which, when loaded, swaps the status message for the attacker's custom text. This status may also include a potentially "dubious" link, as Bitdefender describes it. The iFrame is sent as a regular message and comes from another Yahoo Instant Messenger user, even if that user is not in the victim’s contact list.

  • Why is it so dangerous?
Status messages are highly efficient in terms of click-through rate, as they address a small group of friends. Chances are that, once displayed, they will be clicked by most contacts who see them. One scenario: the victim's status message is swapped with an attention-getting text that points to a page hosting a zero-day exploit targeting the IE browser, the locally installed Java or Flash environments or even a PDF bug, to mention only a few. Whenever a contact clicks on the victim’s status message, chances are they get infected without even knowing it. All this time, the victim is unaware that their status message has been hijacked.
Another lucrative approach to changed status messages is affiliate marketing (i.e., sites that pay affiliates for visits or purchases through a custom link). Someone can easily set up an affiliate account, generate custom links for products in a campaign, then massively target vulnerable YIM victims to change their status with the affiliate link. Then, they just wait for the contact-generated traffic to kick in. There are actually a couple of services that pay YIM users to change their status with custom links as part of their business.


  • Who is safe?
You are safe if either of the following applies:
You are running a Bitdefender security solution (Bitdefender Antivirus Plus, Bitdefender Internet Security or Bitdefender Total Security). We detect this threat via the HTTP scanner and block it before it reaches the Messenger application.
You have Yahoo Messenger set to “ignore anyone who is not in your Yahoo! Contacts” (which is off by default).



Bitdefender Mobile Security For Android Devices


Bitdefender has released a mobile security tool for Android devices that protects the device from trojans, malware and so on. Bitdefender Mobile Security provides smart antivirus and web security for devices running Android. Its in-the-cloud scanning technology detects even the latest threats without putting a strain on the battery. Bitdefender Mobile Security also provides information about billable services and applications' requirements for access to the Internet or private user data, helping users make informed choices about their privacy and data security. This product is available in the Android Market for download. Android users worried by the recent scare regarding the Carrier IQ application embedded in some Android phones should not expect anti-malware tools to give them peace of mind, as they are unlikely to detect it. "Our Mobile Security looks only at newly installed applications and basically considers that the device firmware itself is safe," said Bitdefender global research director Catalin Cosoi.





BitDefender Offers Insights Into Recently Discovered Facebook Vulnerability



Symantec discovered a security vulnerability that affected the way third-party programs, such as games and other applications, accessed user data and information. According to BitDefender®, an award-winning provider of innovative internet security solutions, the entire issue is related to OAuth, the secure authorization protocol, and the use of some deprecated parameters by different applications that have still not updated from OAuth to its latest version, OAuth 2.0.
Through this vulnerability, third parties, such as advertisers, can get hold of access tokens, which open Facebook users' account information (such as basic information, profiles, pictures) and will sometimes give them the ability to perform different actions in the user's name.
"At the current time, it is unclear whether there actually was a data breach or not. Symantec discovered a security issue and notified Facebook accordingly," commented Catalin Cosoi, Head of the BitDefender Online Threats Lab. "This could mean that the issue was proactively discovered and Facebook fixed it before anyone lost any data. On the other hand, it could mean that it is a known vulnerability in the underground or unethical world and users' private data has been leaking for some time now."
Facebook resolved this issue as soon as possible, but this episode teaches all users two main lessons: (1) applications should have switched to the new authorization mechanism as soon as possible and (2) if any data was leaked, there's not much to be done now, since it is lost for good.
Although it should not be the case here, information extracted from social media can be easily converted into directed attacks, like phishing, highly social engineered spam messages and possibly even identity theft. Users should pay extra attention in the following months when it comes to all messages received and be very careful when asked to perform different actions, even if the messages/requests come from a trusted source.
"This information can be illicitly used by marketers and advertisers in order to better profile their users and to serve ads based on interests and views. As always, a good way for Facebook users to invalidate their current access tokens is for them to change their passwords," advised Cosoi.


Facebook Gets Updated & Creates New Security Concerns

Facebook CEO Mark Zuckerberg unveiled a raft of changes at this year’s f8 Developer Conference, many of which have left security experts concerned about a rise in Twitter-style spambots as well as targeted cybercrime attacks on users.
New privacy controls as well as the new Subscribers, News Ticker and Timeline features have boosted usability and sharing on the social network, but according to BitDefender, the changes could also mean a rise in the number of privacy and security breach incidents.

The company has created a list of the Facebook changes, and the impact they could have on online security:

1. Smart Lists will prompt users to share more information publicly, but will also have the adverse effect of supplying ammunition for targeted attacks.
Smart Lists encourage people to complete their profile with details of their career, work projects, where they went to school or which city they live in. Every time someone creates a list with colleagues from a specific job, this is tagged in their profile. Of course, this is generally not confidential information, and the user has the final decision on whether to approve or reject the tag. But having this information public and indexable will make it much easier to create sophisticated, targeted attacks. Attackers will be able to find out exactly who is working for a specific company at any given time, their job and, more importantly, what project(s) they are working on. The additional information available to a hacker may lead to an increase in socially engineered attacks on businesses, where hackers attempt to gain access to a company’s network or confidential information by targeting its employees as the point of entry.


2. The Subscribe feature could increase the number of spambots, just like on Twitter.
The subscribe feature lets Facebook users follow people of interest, much like Twitter. It also allows your updates to be followed by others, even if they are not friends with you on Facebook. But with the introduction of Twitter-like features, BitDefender believes that Facebook users may see an increase in the number of Twitter-like threats and annoyances, too.
These include spambots and fake schemes that try to lure users in with promises of obtaining more subscribers to their profile page.

3. The Timeline feature means everything you’ve ever shared on Facebook is now available and easy to browse.
Timeline is a revolution of usability, but it’s also the open story of your life to date on the social network. If the default settings are not changed to restrict who can see your wall, the content will, by default, be available for anyone to see: friends, photos, places you have checked in, relationships and much more.
It’s important for Facebook users to be aware of this privacy setting when using Timeline, and adjust this accordingly.

4. Health is now social… and public.
The Facebook timeline considers health information social. While it will be easy to share health-related updates such as breaking a bone, undergoing surgery or overcoming an illness, this information is also set to public by default. While seemingly innocuous, information about health that is shared publicly may risk being exploited for identity theft or social engineering attacks.

5. Widgets open the door to interactive scams.
With Timeline, Facebook also introduced widgets that live on users’ profile pages, which takes social interaction to a whole new level. Until now, anyone who had an application installed could only interact with other users within the app. Now, the app is on the user’s wall, so anyone who interacts with the user profile can also interact with the app.
This isn’t a concern for legitimate apps, but the ease with which they can be accessed may lead to fake or scam apps spreading quickly through the social network.


-News Source (F8, Dynamic Business & FB)




USB Immunizer: Anti-Malware Tool Against Autorun Viruses!



The USB Immunizer is BitDefender’s response to this growing issue.
Autorun-based malware has been at the top of the worldwide e-threat landscape, with notorious representatives such as Trojan.AutorunInf, the Conficker worm (Win32.Worm.Downadup) or Worm.Autorun.VHD. We have to agree on that: many of us get infected by some silly malware simply by plugging in our friends' or neighbours' USB, DVD, etc.

Introduced back in the Windows XP era to facilitate software installations from CD-ROM media for non-technical computer users, the Autorun feature has rapidly become the infection vector of choice for cyber-criminals.
The Immunize option allows you to immunize your USB storage device or SD card against infections with autorun-based malware. Even if your storage device has been plugged into an infected computer, the piece of malware will be unable to create its autorun.inf file, thus annihilating any chance of auto-launching itself.
The Immunize Computer slider allows you to toggle the autorun feature On or Off for any removable media (except for CD/DVD-ROM devices). If you accidentally plug in an infected USB drive that has not been immunized, the computer will not auto-execute the piece of malware located on the USB storage device.
Download USB Immunizer here


Anonymous Was Not Behind The Recent Attack on Facebook


A couple of days ago, Facebook, the famous and largest social network in the world, was hit by a porn and gore exploit. At the time it was suspected that the hacktivist group Anonymous was behind this attack. Later it was found that there was no connection between Anonymous and the Facebook attack. BitDefender security researcher George Petre tweeted, "I don't think that every Facebook scam is related to Fawkes Virus." Facebook later confirmed that it had been hit with "a coordinated spam attack that exploited a browser vulnerability," but said it had identified those responsible.
In a note posted to Pastebin by "AnonymousWiki," the writer denied the hack, or the "Fawkes Virus" effort, was behind the Facebook outbreak.

Anon said:
"As we all know Operation Facebook was fake from the beginning. However some are experiencing an outbreak of pornography on Facebook. This is leading some to speculate that Anonymous is responsible for this, calling this outbreak the "Fawkes Virus". I assure you that Anonymous involvement with this is highly untrue. The fake operation (Operation Facebook) had a goal to "completely destroy Facebook" or take the site down off the web using forms of DDoS. As of now this is not occurring. Facebook is not experiencing any type of downtime nor is it completely destroyed. It is also past the due date of Operation Facebook (November 5th). So unless Operation Facebook changed its date of executing its purpose & changed its purpose entirely, this issue with Facebook does not involve Anonymous."


HSBC South Korea Hacked By Turkguvenligi (Turkish Trust League)


HSBC is the world's second-largest banking group, but the website of HSBC South Korea has been hacked and defaced by a Turkish hacking group called Turkguvenligi (Turkish Trust League).
The group is known for high-profile defacements, its previous victims including microsoft.co.kr, www.microsoft.com.br, secunia.com, www.destinyschild.com, www.victoriabeckham.com, evanescence.com, f-secure.co.kr, adobe.co.kr, bitdefender.or.kr and many others.

South Korea's Financial Supervisory Service (FSS) launched an investigation into the data breach and other banks reviewed and strengthened their security policies as a result.
South Korea has recently dealt with several large data breaches including one that affected over 35 million people. That's a huge number considering that the country has a total population of 48 million. 
In short, hackers are on the high node, and that famous quote repeats: "Security is an illusion."

-News Source (Softpedia)

