PandaLabs Blog

We are good at finding names (Thu, 02 Sep 2010)
We have received this file today. Rogue creators are spending less time creating interface and spending more time to find a new name. Malware name: Adware/MySecurityShield VirusTotal File name: 622ed7d54cbeb06ef977ee111e2b97ddf3f78dd5 Submission date: 2010-09-02 16:09:43 (UTC) Result: 24/ 43 (55.8%) Domain List report.countdom.net update1.best-pc-guardever.com update2.safe-your-pcnow.net Domain Owner Registrant Contact: UIS Garritt Kooken gkook@checkjemail.nl +86.592257788 fax: +86.592257788 Rue de Virton 237 Evegnee Evegnee 11111 in Screenshot The sample we received today: Sample appeared in April  (from malwaredatabase.net)
>> read more

Chilean miners tragedy used to distribute malware (Thu, 02 Sep 2010)
We want to warn you of a Banker Trojan that is using the news of the miners trapped in Chile to be distributed and infect users. It has been detected as Banbra.GUC. The malicious file reaches the computer with the following icon: When this file is run, the Internet Explorer browser is opened showing a Youtube video [...]
>> read more

Mariposa: the Slovenian story (Wed, 01 Sep 2010)
Some weeks ago it was announced that the Slovenian police had arrested some individuals who were responsible for selling the bot that was used to build the Mariposa botnet, whose creators were also arrested in Spain last March. Many confusing news have appeared since then, but thanks to Peter Lovšin, who has been really helpful, [...]
>> read more

How to Get Hacked on Facebook (Sat, 28 Aug 2010)
One of the most common scenarios we observe on a daily basis are users coaxed into phishing campaigns and malicious applications on Facebook.  As we interact with our friends and family on social networks, we tend to trust of any and all of the information that appears to be from our “trusted network.”  However, Facebook [...]
>> read more

IT Security News

Do Geotagging and Presence Put Your Enterprise at Risk? (Sat, 04 Sep 2010)
Sometimes knowing who, what, where, and when is not such a good thing. Security consultant Diana Kelley explores the dangers of geo-location to your business's information security.
>> read more

Microsoft's 'Reliability Update' Is Not So Reliable (Sat, 04 Sep 2010)
One of several non-security updates is causing system crashes for some Windows 7 and Windows Server 2008 R2 users. What does Microsoft have for a solution?
>> read more

PC Security Tips for Corporate Executives (Sat, 04 Sep 2010)
When it comes to corporate data, you can never be too careful. Security expert Michael Horowitz offers invaluable tips for securing your PCs.
>> read more

Is the U.S. Gearing Up for Cyber War? (Sat, 04 Sep 2010)
With cyber threats from abroad coming fast and furious, how serious is the United States about going on the offensive?
>> read more

Obama Cyber Czar Digs in For Long Haul (Sat, 04 Sep 2010)
After one month heading up Obama administration's top cybersecurity spot, Howard Schmidt sees plenty of opportunities-and plenty of work.
>> read more

Apache SpamAssassin Takes a New Route in Version 3.30 (Sat, 04 Sep 2010)
The widely deployed open source antispam engine gets its first major update in two years, with changes aimed at better tackling the problem of spam.
>> read more

Microsoft Warns About 17-Year-Old Windows Bug (Sat, 04 Sep 2010)
Who's at risk from virtual DOS vulnerability?
>> read more

Massachusetts Senate Race Spurs Malware Flurry (Sat, 04 Sep 2010)
Symantec security researchers found that 33 of the top 100 search results from "Massachusetts senate race results" took users to malicious sites.
>> read more

Demand for Networking and Security IT Pros Remains High (Sat, 04 Sep 2010)
Last year, IT professionals with experience and skills in networking and security were in demand, and this should remain the case through 2010.
>> read more

IBM Adds Code Quality Analysis to Rational (Sat, 04 Sep 2010)
Big Blue integrates static analysis into Rational following the acquisition of Ounce Labs.
>> read more

One Bug Fix Coming on Patch Tuesday (Sat, 04 Sep 2010)
Tuesday's single patch is rated critical for Windows security--the highest level of Microsoft's four-tier security threat severity scale--only for Windows 2000 Service Pack 4 (SP4).
>> read more

New Malware Tactics, Targets Expected in 2010 (Sat, 04 Sep 2010)
Security software vendor predicts Adobe apps will eclipse Microsoft as most prominent targets for hacking.
>> read more

2010: A Malware Odyssey (Sat, 04 Sep 2010)
Socially engineered scams, poorly protected databases and the arrival of Windows 7 will keep security software vendors and their clients busy in the new year.
>> read more

Simple Data Security Solutions (Sat, 04 Sep 2010)
If you prioritize data security--and who doesn't?--the Aegis Padlock portable hard drive offers a secure, affordable solution for Windows, Mac, and Linux that's simple enough for even non-IT pros to manage.
>> read more

Intel Patches Trusted Execution (Sat, 04 Sep 2010)
Intel patches for a critical flaw that could have made trusted execution less than trustworthy.
>> read more

AirTight Simplifies Wireless Security and Performance Analysis (Sat, 04 Sep 2010)
SpectraGuard Enterprise 6.0 adds new forensics and troubleshooting modules to improve Wireless IPS signal-to-noise ratio and cut TCO.
>> read more

Obama Taps Former Microsoft Exec to Head Cybersecurity (Sat, 04 Sep 2010)
Prolonged search for White House cybersecurity coordinator leads to a former Bush official.
>> read more

12/22: DelpBanc-A Steals from Banking Sites and Other Warnings (Sat, 04 Sep 2010)
A summary of spyware, virus, and other malware warnings from the past 24 hours.
>> read more

Tips and Tricks for Using 802.1X in Windows (Sat, 04 Sep 2010)
Securely set 802.1X settings to prevent man-in-the-middle attacks; get a review of the new advanced settings for 802.1X in Windows 7; and learn tips for enabling 802.1X for wired networks and for removing cached login credentials.
>> read more

Mozilla Updates Firefox 3.5.6 for Three Critical Flaws (Sat, 04 Sep 2010)
New version of open source browser tackles memory corruption and spoofing issues.
>> read more

Top Security at VMworld (Fri, 03 Sep 2010)
There were noteworthy cases of innovative security at VMworld 2010 that can be applied to both virtual and physical environments that captured my "Top Security in Show" awards. read more
>> read more

Sub7 Trojan / Backdoor (Fri, 03 Sep 2010)
A brief description of the capabilities of the Sub7 Trojan horse hacker utility software
>> read more

Hacker Defense Tools (Fri, 03 Sep 2010)
This is a listing of software to help you secure and protect your computer from various sorts of malware or malicious hacking attempts.
>> read more

Free Security Software (Fri, 03 Sep 2010)
Free tools to help you secure and protect your network from the following categories: firewalls, antivirus, virus removal, miscellaneous security, email spam blocking, spyware removal, pop-up and messenger spam blocking, vulnerability scanning, intrusion detection (IDS), packet sniffer, port scanner, encryption, enumeration, network monitoring and wireless network security.
>> read more

Sniphere (Fri, 03 Sep 2010)
A short profile of the Sniphere protocol analyzer (packet sniffer) program.
>> read more

Ad-Aware Pro AE (Fri, 03 Sep 2010)
A review of Ad-Aware Pro AE (Anniversary Edition). Lavasoft released new versions of Ad-Aware dubbed AE for Anniversary Edition in honor of 10 years of leading spyware and malware protection.
>> read more

Vista Parental Controls (Fri, 03 Sep 2010)
A visual step-by-step guide to configuring and using the Parental Controls features of Windows Vista
>> read more

UAC UIAccess Secure Desktop (Fri, 03 Sep 2010)
A brief explanation of the Allow UIAccess Applications to Prompt for Elevation Without Using the Secure Desktop setting in Windows Vista Local Security Policy - Security Options - User Account Control settings.
>> read more

Computer Security 101- Quiz 1 (Fri, 03 Sep 2010)
A quiz based on Lesson 1 of Computer Security 101 on the About.com Internet / Network Security site
>> read more

Analyzer (Fri, 03 Sep 2010)
Profile of Analyzer, a free public domain protocol analyzer (packet sniffer) for Windows platforms.
>> read more

Hacking Exposed 6 Review (Fri, 03 Sep 2010)
A review of Hacking Exposed 6, the 6th edition of the #1 best-selling computer security book of all time. Written by George Kurtz, Stuart McClure, and Joel Scambray, Hacking Exposed 6 is also the 10th Anniversary of the original title.
>> read more

AnalogX Packetmon (Fri, 03 Sep 2010)
A brief profile of the freeware AnalogX Packetmon protocol analyzer (packet sniffer)
>> read more

Hacker Technique and Defens... (Fri, 03 Sep 2010)
top picks for books about hacker and cracker tools, techniques, tricks and tips and how to protect and secure your computers or network to defend it from being vulnerable to attack
>> read more

Digital Fortress (Fri, 03 Sep 2010)
A review of the cyber-thriller novel Digital Fortress by Dan Brown. An excellent novel highlighting encryption and high-technology espionage as well as some government / privacy issues.
>> read more

Plastic Sniffer (Fri, 03 Sep 2010)
A profile of the small, fast protocol analyzer (packet sniffer) Plastic Sniffer.
>> read more

Secret Passage (Fri, 03 Sep 2010)
Remote network access opens a backdoor or secret passage to the corporate network that is difficult, if not impossible to secure and protect.
>> read more

Secure Your Wireless Network (Fri, 03 Sep 2010)
Secure Your Wireless Network: Understanding the threats and how to protect your network against them
>> read more

Foundstone FPort (Fri, 03 Sep 2010)
A brief profile of the FPort port scanning utility available for free from Foundstone, a division of McAfee
>> read more

Profile: Sub7 (Fri, 03 Sep 2010)
While there are slicker and more expensive backdoor or Trojan programs that can be used to monitor and control remote systems, Sub7, a.k.a. Backdoor-G, remains one of the most powerful and widely used. This profile offers a look at some of the functionality built into this tool.
>> read more

NetStumbler (Fri, 03 Sep 2010)
A profile of NetStumbler, a beggarware software utility to locate and identify wireless access points
>> read more

Configure Internet Explorer... (Fri, 03 Sep 2010)
How-to configure Internet Explorer Security will walk through a tutorial of basic steps required to configure security settings in the Internet Explorer web browser
>> read more

Profile: Nessus (Fri, 03 Sep 2010)
profile of freely available Nessus open source vulnerability scanner from your About.com Guide for Internet / Network Security, Tony Bradley
>> read more

The Da Vinci Code (Fri, 03 Sep 2010)
A review of the best-selling thriller The Da Vinci Code by Dan Brown. It has only loose connections to cyber security or cyber fiction through some code-breaking and cryptography, but it is an excellent book.
>> read more

Vista Password Policy (Fri, 03 Sep 2010)
A step-by-step tutorial for configuring Password Policy in Windows Vista Local Security Policy - Account Policy settings.
>> read more

Security Basics At Home (Fri, 03 Sep 2010)
a short article describing basic computer and network security steps for home users and small office home office (SOHO) users
>> read more

Phishing Protection (Fri, 03 Sep 2010)
Phishing scams have spiked recently and have become more of a concern. This article talks about what phishing scams are and illustrates five steps users and companies can take to keep from being victimized by phishing scams.
>> read more

Disable SSID Broadcast (Fri, 03 Sep 2010)
Wireless network equipment generally has a beacon which broadcasts information, part of which usually includes the SSID, about the wireless network every few milliseconds. Disable the SSID broadcast so that random wireless devices won't have it announced to them.
>> read more

ComSec 101 - Quiz 1 (Fri, 03 Sep 2010)
A short quiz to test how much you learned from the first lesson of the Free Computer Security 101 course.
>> read more

Vista Security Gadgets (Fri, 03 Sep 2010)
One of the semi-frivilous new features of Vista is the Sidebar, which can hold a variety of "Gadgets". There are gadgets to display the time, the local weather, your calendar, and a wide variety of third-party gadgets for monitoring all aspects of your computer system. These are the top picks for security-related Gadgets for the Sidebar.
>> read more