ZoneAlarm ForceField – Virtualized Browser Security

May 12, 2008 – 2:40 PM

ZoneAlarm ForceField provides a protective layer around your browser, shielding you from drive-by downloads, browser exploits, phishing attempts, spyware and keyloggers. So your passwords, your confidential information, and your financial data remain protected.

While traditional security, such as firewalls, antivirus, and security suites, protects your PC, ZoneAlarm ForceField protects your browser and everything you do on the web. Anytime you open your browser, ZoneAlarm ForceField goes to work, shielding you from browser exploits, blocking phishing and spyware sites, jamming keyloggers and screen grabbers, and preventing malicious downloads.

Features include:

Virtual Browsing – Builds a protective shield around your web browser. It creates a temporary clone of your browser so that anything you do on the web runs in a protected shell, sealed off from your PC.

Browser Threat Immunity – Immunizes your browser against security holes in Internet Explorer and Firefox. Prevents web sites from installing spyware and other malicious software onto your computer without your knowledge.

Private Browser – Erases all cache, cookies, history and passwords from the current session when you close the browser. This prevents the next person who uses the computer from seeing where you’ve been.

Keylogger & Screengrabber Jamming – Keeps your keystrokes and click trails private. Discovers and blocks silent spyware from stealing your identity.

Dangerous Download Detection – Detects dangerous downloads and alerts you to problems before they begin. You can download files safely, and free from worry that they might harm your computer.

Anti-Phishing – Click where you want; your personal information remains secure. Dual-engine anti-phishing identifies and stops fraudulent websites that trick you into revealing personal data.

Spy Site Blocking – Prevents spyware from infiltrating your PC by detecting and blocking websites known to distribute spyware.

Website Safety Check – Checks the credentials on every website you visit, so you know if the website is a safe place to enter data and download files.

Spyware Flushing – Auto-cleans your Web browser memory each time you close it, wiping away spyware and other dangers.

On-The-Fly Encryption – Temporary file encryption protects the data you enter online from spyware for an additional measure of security.

Seamless Integration – Compatible with all popular web browsers, including Internet Explorer and Firefox on XP and Vista.

Security Software Compatibility – Run ZoneAlarm ForceField with your current antivirus or security suite, for an essential level of critical web protection you would not have otherwise. It is compatible with all security software currently on the market.

Fast and Easy to Use – Installs in seconds and runs fast so it won’t slow you down. You can surf the web like always, knowing your PC is protected. ZoneAlarm ForceField runs automatically, without any setup or training.

ZoneAlarm ForceField Homepage

Music Unleashes the Malware Beast

May 12, 2008 – 11:14 AM

This definitely won’t be music to the ears of music aficionados who acquire their MP3s from peer-to-peer (P2P) networks, but it’s definitely not something they haven’t heard of either.

A host of adware disguised as media files on P2P networks has reportedly been racking up victims on the Web. It was initially reported by McAfee on its blog and gained attention after that vendor rated it a “medium” threat level.

Investigations by Trend Micro researchers reveal that some of the adware poses as an MP3 or MPG file on P2P networks under the following fake file names:

  • Preview-T-3545425-kylie carried away.mp3
  • Preview-T-3545425-patayin sa sindak si barbara.mp3
  • Preview-T-3545425-say it tpain.mp3
  • Preview-T-3545425-you are what love jenny lewis.mp3
  • T-192511-Preview-T-3545425-hank wiiliams sr.mp3
  • T-210943-Preview-T-3545425-lolie pop lil wyane.mp3
  • T-2559308-Rare Recording.wma
  • T-27595-Preview-T-3545425-last king of scotland 2006.mpg
  • T-3523960-T-3545425-never back down sound track.mp3
  • T-408673-T-3545425-billy ellot.mpg
  • T-482753-Preview-T-3545425-ever same bon jovi.mp3
  • T-56319-Preview-T-3545425-buddy holly just you know why.mp3
  • T-660855-Preview-T-3545425-(Porno) Kim Kardashian & Ray J (full sex tape).mpg
  • T-89957-Preview-T-3545425-that chick mariah carey.mp3
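
The names above share a visible shape: an optional `T-<digits>-` prefix, an optional `Preview-`, and in all but one case the token `T-3545425-`. The following triage of file names against that shape is an added example, not code from Trend Micro, McAfee or this page; the function names, the two verdict tiers, the four-digit minimum and the benign sample names are assumptions made for illustration.

```python
import re

# Token that recurs in 13 of the 14 file names listed on the page.
CAMPAIGN_TOKEN = "t-3545425-"
# Extensions the listed files use.
MEDIA_EXT = (".mp3", ".mpg", ".wma")
# Looser shape: optional "Preview-" then "T-<4+ digits>-" at the start of the name.
# The digit minimum is an assumption chosen to avoid names like "T-Pain - ...".
PREFIX_RE = re.compile(r"^(?:preview-)?t-\d{4,}-")


def classify(path):
    """Return 'campaign', 'suspect' or 'clean' for one file path or name."""
    base = path.replace("\\", "/").rsplit("/", 1)[-1].lower()
    if not base.endswith(MEDIA_EXT):
        return "clean"
    if CAMPAIGN_TOKEN in base:
        return "campaign"
    if PREFIX_RE.match(base):
        return "suspect"
    return "clean"


def triage(paths):
    """Map every non-clean path to its verdict, keeping input order."""
    verdicts = ((p, classify(p)) for p in paths)
    return {p: v for p, v in verdicts if v != "clean"}


# File names copied from the list above.
LISTED = [
    "Preview-T-3545425-kylie carried away.mp3",
    "T-192511-Preview-T-3545425-hank wiiliams sr.mp3",
    "T-2559308-Rare Recording.wma",
    "T-27595-Preview-T-3545425-last king of scotland 2006.mpg",
    "T-408673-T-3545425-billy ellot.mpg",
]
# Constructed benign names and paths, for contrast.
BENIGN = [
    "T-Pain - Say It.mp3",
    "C:\\Music\\Bon Jovi\\03 - Ever The Same.mp3",
    "T-3545425-readme.txt",
]

if __name__ == "__main__":
    for name, verdict in triage(LISTED + BENIGN).items():
        print(f"{verdict:9} {name}")
```

A name match only marks a file for closer inspection; the page does not describe the file contents, so the check says nothing about what a flagged file does.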

Read the rest of this story…

The case of the tampered USBs

May 12, 2008 – 11:05 AM

For years, organizations have focused on the evil outsiders that were behind attacks on their networks. Firewalls, IDS, IPS technologies have come to the rescue and have resulted in impregnable walls protecting organization networks. Now with strong walls, the challenge is ensuring the trusted insiders don’t walk out with the king’s crown.

Recently, I heard a story of a black-hat firm trying to gain access to a pharmaceutical company’s secrets. They put 4Gb USB sticks (properly marked and in manufacturers’ packaging) all over the parking lot. Employees picked up the sticks and some went straight to their computers and inserted them to see if they worked. Unknown to the employees, the USB had a boot program that installed a piece of software. The software made a copy of all outgoing mail. The duplicated e-mail was then being sent to the black hat servers, right through the firewall the company had.

Another example is a client where I went to review the finding of a risk assessment we had done. We had left our appliances deployed for one week and went back and created a report for presentation. The report contained incidents of data leakages. At the executive presentation we highlighted a highly secret spreadsheet that was sent to a number of consultants that should not have seen it. In the meeting the CIO challenged the findings and stated that it was impossible for someone to have sent that spreadsheet and he wanted the details of who sent it. We went to our appliance and found that it was sent by the CIO, except it was a tab in a larger spreadsheet. Organizations face data leakage not only from malicious activities but also from accidental disclosure.

Read the rest of this story…

Google scans web traffic for nasties

May 12, 2008 – 6:41 AM

Google’s new Web Security for Enterprise service enables companies in the US and Europe to safeguard their internet traffic with protection against viruses and spyware and malicious URLs. According to Google the system “powered by Postini, stops web-borne spyware and viruses before they infiltrate your network and compromise or disable your computers. All web requests are scanned in real-time, rather than solely relying on static URL lists …” Remote and roaming workers will allegedly be able to call into the company network more securely, even when they have to use untrusted connections in hotels, internet cafés and so on.

It is also rumoured on the internet that Google will join the data-exchange protocol for social networks on Monday. As Facebook’s Connect and MySpace’s Data Availability services already do, Google’s Friend Connect will allow exchange of users’ profile information, friendship lists, photographs and other personal data with other web services. Yahoo, eBay, Photobucket and Twitter are already on board as partners in social networks.

More common interfaces to social networks are being planned with other partners. In March Yahoo joined the OpenSocial initiative started by MySpace and Google, which has since been known as the OpenSocial Foundation. Common interfaces will be established within the foundation. Yahoo has also announced a radical opening up as part of the Yahoo Open Strategy and will be giving its offerings a “more social” slant.

Source: Heise Security

What a Botnet Looks Like

May 12, 2008 – 6:10 AM

Researcher David Vorel mapped interconnected, bot-infected IP addresses and created this geometric representation; CSO contributor Scott Berinato annotated the map and added interactive controls so you can zoom in and explore botnets’ inner workings.

Read the rest of the story and view the map…