Ymeak Worm : the Masquerade

BitDefender virus analysts warn users of P2P networks of a new threat.
The Ymeak.A worm has been spreading like wildfire, in part due to a
simple yet effective social engineering technique: it masquerades as
an installer executable of some popular program.

When it is first run, the worm displays a message ('The setup file is
corrupted') to lull the user into a false sense of security. It then
proceeds to download and install the RBot trojan. This done, the
trojan begins to spread itself from the victim's computer using any
of five file-sharing networks (Limewire, Shareaza, Bearshare,
Morpheus or Morpheus Ultra) as a vector and a new name.

"The bit of evil genius here is that the name for each new copy of the
worm is chosen at random from certain torrent and direct download
sites. This way, the worm will always have an attractive name, so
people will attempt to download and run it." declared Head of
Antivirus Lab Viorel Canja for BitDefender.

BitDefender users are not at risk and should let BitDefender antivirus
disinfect the infected files (if any are found).

Vista zero-day exploit code blocked.

Malware exploiting the latest unpatched vulnerability in Microsoft Windows has been found in the wild and blocked by BitDefender.Microsoft has not yet released a patch for the flaw which leaves Windows users vulnerable to attacks in the form of malicious e-mails or crafted web pages.



read more | digg story

BitDefender has launched the support forums

We are glad to announce you that starting from today you, all our users, fans and helpers, have a place to get all the information and the support you need in one place. We hope that this forum will be a good place for finding support and general discussions for all of you.



read more | digg story

BitDefender Mail Server Products Twin for Beta

BitDefender Security for Exchange and BitDefender Security for Mail Servers (Windows) betas on. Most thorough beta testers to win a professional notebook, a smart phone, four mp3 players and 10 licenses for BitDefender Security for File Servers.



read more | digg story

BitDefender Achieves Checkmark Premium Certification

FORT LAUDERDALE, Fla. – January 4, 2006 – BitDefender®, an award-winning provider of antivirus software and data security solutions, today announced that its anti-spam engine has been awarded the Checkmark PC anti-spam certification by independent UK certification outfit West Coast Labs. By blocking 97 percent of all spam during the certification p



read more | digg story

Poison Valentine

BitDefender® Labs issued a warning today stating that new variants of the Peed trojan are being heavily seeded by use of spam e-mail with Valentine's Day - related subjects and bodies. The messages have titles like 'Happy Valentine's Day' and contain executable attachments which are actually trojans.



read more | digg story

AMD's 'Frantic Price Cuts' May Pressure Intel

Price competition is sparking up again between the world's largest chip makers, Intel Corp. (Nasdaq: INTC) and Advanced Micro Devices (NYSE: AMD).



read more | digg story

IBM Adds Anti-Virus to ISS Endpoint Security Tools

IBM unveiled an updated version of Internet Security Systems' desktop security package on Nov. 20, adding new anti-virus and anti-spyware capabilities to the offering via an alliance with software maker BitDefender.

Expected to arrive before the end of 2006, ISS Proventia Desktop Endpoint Security aims to help companies manage the protection of PCs from external attacks.

With the integration of anti-virus tools provided by BitDefender, based in Ft. Lauterdale, Fla., the ISS system now offers personal firewall, intrusion prevention, buffer overflow protection, application and communications defense, and virus prevention technologies.

The release marks the first update of ISS' flagship endpoint security software since IBM, of Armonk, N.Y., purchased the company for $1.3 billion in August 2006, and follows the firm's roll out of a new ISS-branded security management appliance on Nov. 13, the first product released after the companies' merger.

Just as anti-virus market leader Symantec has rolled its desktop and Internet security tools into multi-function packages, IBM officials said they are expanding the ISS software to offer more tightly integrated security applications.

In addition to giving IT administrators a single interface to manage multiple desktop security functions, IBM executives said that pulling the various technologies together to operate using a single software agent on the PC lets the individual tools better share information to help ward off outside attacks.

While previous iterations of Proventia Desktop Endpoint Security have featured advanced behavior-based anti-malware technologies, the addition of BitDefender's software adds more traditional signature-based virus protection to the package.

Anti-virus vendors use the signature-based systems to help users battle threats that have already been identified by security researchers, whereas behavior-based tools excel at discovering new attacks, such as the recent crop of so-called zero day vulnerability exploits.

Company officials estimate that ISS' behavior-based anti-virus and anti-spyware technology can identify over 90 percent of all malware threats, but said the addition of signature-oriented tools helps provide for anything the system might miss.

"For a lot of the customized malware that we're seeing out there, using signature-based anti-virus would be like giving vaccine to a corpse, but conversely there are thousands of malware attacks out there that can be effectively mitigated using this type of approach, and customers want defense in depth," said Joshua Corman, host protection architect for IBM ISS.

Corman said that customers are also pushing security software makers to fold traditional anti-virus tools into more advanced technologies, as they know the more sophisticated approach catches more attacks, but they have become comfortable with having signature-based scanning and remediation in-house.

As a next step, ISS is experimenting with adding other tools to the Proventia Desktop Endpoint Security package to help protect against internal threats, including DLP (data leakage prevention) technology and tools used to manage user privileges for saving data to portable storage devices.

Pushed by the arrival of security products from Microsoft and continued demand from customers for more integrated products, Corman said that IBM and its rivals will likely find themselves joining more alliances such as the company's deal with BitDefender to help make their products as inclusive as possible, and to help the smaller companies find new avenues to market.

"Clearly there continues to be obvious drivers for consolidating security technologies from the management side, and then there are all the benefits that can be appreciated from having these tools work together, as in this product with a single agent," Corman said.

"Companies who are relying primarily on signature-based anti-virus won't be able to stop serious attacks like root kits and ransomware, but customers still enjoy the familiarity of those products, so combining the two is really the best approach."

IBM is still planning to deliver its new Proventia Management SiteProtector appliances before the end of November. Those products, which are also aimed at helping companies simplify oversight of different types of security tools, take the integrated strategy one step further by combining the products in a hardware form factor powered by a dedicated microprocessor.

While the appliance approach is gaining popularity in the security market, Corman said that enterprise customers still mostly prefer to consume their applications in the more traditional software format.

While greater numbers of large customers are buying the security devices, he said, many prefer to have the ability to pull the various applications apart to customize them to meet their specific demands.

Source - eWEEK