10/31/2005

Trend Micro to sell enterprise anti-spyware


Robert McMillan, IDG News Service

31/10/2005 12:01:41

Security vendor, Trend Micro, is set to announce its first anti-spyware product designed for enterprise users. The new product, called Anti-Spyware Enterprise Edition, incorporates software the company picked up in its May 2005 acquisition of InterMute and is one of multiple product announcements that Trend Micro plans to make this week.

The new enterprise anti-spyware product would give security administrators more detailed control over security settings than Trend Micro's existing anti-spyware offerings, and it would be able to automatically discover and then silently deliver software to desktops without disturbing desktop users, a senior product marketing manager with Trend Micro, Bob Hansmann, said.

Trend Micro has integrated the InterMute CWShredder software into this product, which makes it particularly effective at detecting the CoolWebSearch spyware variants.

Anti-Spyware Enterprise Edition had also been designed to work with other desktop security products, so users could adopt the product without necessarily using Trend Micro's antivirus products, Hansmann said.

An update of the company's PC-cillin Internet Security suite and an updated 3.0 version of the company's Client Server Security and Client Server Messaging Security products for small and medium-sized businesses were also expected to be announced.

PC-cillin Internet Security 2006 would include new anti-phishing features as well as improved antivirus, anti-spyware and home network protection, Trend Micro said.

A one-year subscription to Anti-Spyware Enterprise Edition is priced at $US11.55 per user for corporations with more than 500 users. Pricing for PC-cillin will remain unchanged at $US49.95, with a $US24.95 renewal price. Both products are now available.

Client Server Security for SMB 3.0 will begin shipping in November, priced at $US23.63 per user per year. Client Server Messaging Security, which includes anti-spam and anti-phishing software, is priced at $US45.15 per user per year. Trend Micro expects to begin shipping the new Client Server Security products some time in November.


Tenebril Announces Support for Juniper Networks Unified Access Control Solution



SAN MATEO, Calif.--(BUSINESS WIRE)--Oct. 31, 2005--Tenebril(TM) Inc., a security technology leader and antispyware pioneer with its patent-pending Spyware Profiling Engine(TM), today announced support for the Juniper Networks, Inc. unified access control solution, which is based on Juniper's Enterprise Infranet framework. Using Juniper's open APIs, Tenebril will offer enterprises the ability to deploy a best-in-class antispyware solution to block and remediate the most insidious types of spyware: evasive threats that are created to avoid detection by traditional security solutions.

Spyware continues to move up the priority list of enterprise security concerns. According to a recent IDC study (IDC Security Survey 2005), spyware is now considered to be the second greatest threat to enterprise network security. IDC believes more than three quarters of all corporate machines are infected with various forms of spyware.

"With the explosive growth of spyware and evasive threats, enterprises need to mount a defense with the best, most innovative products and technologies," said Frederick Felman, senior vice president of marketing and products at Tenebril. "Through its patent-pending profiling engine, SpyCatcher(TM) Enterprise is the only product on the market today designed to offer protection from evasive spyware threats. We are pleased to partner with Juniper, a network leader that is committed to open standards and interoperability."

Tenebril recently launched SpyCatcher Enterprise, the first and only antispyware solution specifically designed to protect enterprise computers from hyper-mutating and custom-coded spyware. In addition, Tenebril launched antispyware products for consumer and small business markets, including a powerful, free version called SpyCatcher Express.

About Tenebril, Inc.

Tenebril, Inc. is a security technology leader creating innovative, award-winning solutions for home and enterprise customers. Unlike traditional approaches to the growing spyware problem, the patent-pending Tenebril Spyware Profiling Engine is uniquely capable of defeating complex, quickly-mutating spyware. Led by a seasoned team of software industry veterans, the company's product lines are distributed worldwide via multiple channels, including e-commerce, retail, security experts, and a direct sales force. Founded in 1998, the venture-backed, privately-held company has offices in Boston and Silicon Valley.


FTC accuses Odysseus Marketing of using spyware



The agency said Odysseus Marketing fooled consumers into downloading software that hijacked search results and replaced them with sponsored links. Odysseus owner Walter Rines denies the accusations.

  • The Federal Trade Commission said Wednesday it was suing a firm for allegedly using the promise of free music downloads to sneak spyware onto unsuspecting victims' computers.
  • The agency said that New Hampshire-based Odysseus Marketing tricked consumers into downloading software that then hijacked search results from popular search engines and replaced them with sponsored links.
  • The software was particularly troublesome because it could not be uninstalled "through reasonable means," the FTC said.
  • Instead, he said his software was adware, which displays pop-up ads and additional search results.
  • "I have not done anything wrong nor broken any of the laws they are claiming," he said.
  • He also said the lawsuit was "moot," because the firm's adware operations ended several weeks ago.
  • The FTC announced the lawsuit Wednesday morning, a few hours before the agency's chairman was to testify before a Senate panel on spyware issues.
  • The suit was actually filed with the U.S. District Court in New Hampshire on Sept. 21.
  • Odysseus advertised its Kazanon software as enabling users to swap music files without drawing the attention of record industry lawyers who have been cracking down on alleged illegal downloads.
  • "Download without fear," the ads said, according to the FTC complaint.
  • "Kazanon silently modifies your PC's Internet settings to make you invisible, untraceable, and totally anonymous.
  • NO MORE FEAR of a lawsuit or prosecution just for downloading your favorite music!"
  • However, consumers who downloaded Odysseus' music-swapping software, "Kazanon," also installed a program called "Clientman" which served up advertising links, the FTC said.
  • "The consequences of downloading Kazanon are disclosed only in the End User License Agreement ("EULA"), in the middle of the two-page document," it said.
  • "The home page of the Kazanon Web site contains no information about the consequences."



10/27/2005

Anti-spyware group publishes guidelines

NEW YORK -- A coalition of anti-spyware vendors and consumer groups published guidelines Thursday to help consumers assess products designed to combat unwanted programs that sneak onto computers.

The Anti-Spyware Coalition released the guidelines for public comment and also updated a separate document that attempted to craft uniform definitions for "spyware" and "adware" in hopes of giving computer users more control over their machines.

According to the Pew Internet and American Life Project, Internet users have become more cautious online because of worries about spyware and adware, which can bombard users with pop-up ads and drain processing power to the point of rendering computers unusable.

Nearly half of adult online Americans have stopped visiting specific Web sites that they fear might infect them with such unwanted programs, and a quarter have ceased to use file-sharing software, which often comes bundled with adware.

In addition, 43 percent of Internet users say they've been hit with spyware, adware or both, with broadband users generally at greater risk.

The new guidelines from the coalition assign risk levels to various practices common with spyware and adware.

High-risk practices include installation without a user's permission or knowledge, interference with competing programs, interception of e-mail and instant-messaging conversations and the display of ads without identifying the program that generated them.

Changing a browser's home page or search engine setting is deemed a medium risk, while using data files called cookies to collect information is considered a low risk.

"Although all behaviors can be problematic if unauthorized, certain ones tend to have a greater impact and are treated with more severity than others," the guidelines say.

The idea is to agree on what practices consumers should worry most about. Within the general rankings, individual vendors still have leeway to assign their own weight to each behavior in deciding whether to quarantine or remove a program when detected.

The coalition also offers similar rankings on consent.

High marks go to programs that are distributed as separate downloads in clearly labeled packages, while those that try to bury what they do in legalese are given low ratings.

The commenting period on the guidelines ends Nov. 27.

The guidelines could encourage industry "best practices" that developers of adware and other programs could follow to avoid getting flagged by anti-spyware vendors.

However, the coalition has yet to set a timetable for defining such practices, said Ari Schwartz of the Center for Democracy and Technology, which led the coalition.

Nonetheless, Schwartz said, Thursday's announcements represent a start toward long-term improvements in anti-spyware tools and consumer education.

"There won't be as much gray area, and we'll have more transparency out there," he said.

A separate coalition document defining spyware and related terms changed little from the draft issued in July.

The updated definitions document, reflecting nearly 400 comments received from the public, still flags as potential threats - an umbrella definition that includes spyware, adware and other categories such as "hijackers" and "cookies" - programs that:

- impair users' control over their systems, including privacy and security;

- impair the use of system resources, including what programs are installed on their computers; and/or

- collect, use and distribute personal or otherwise sensitive information.

But by classifying "adware" as falling under the umbrella term, "Spyware and Other Potentially Unwanted Technologies," the coalition avoided a key dispute that has led to lawsuits by adware developers against anti-spyware vendors: Is adware a form of spyware or are the two separate?

What's Slowing Down Your PC?


By Jack M. Germain
October 27, 2005 7:30AM

A new computer right out of the box is an engineering marvel. Programs and files load with lightning speed. Unfortunately, computers do not remain in this pristine condition very long. You do not notice it at first, but usually sooner rather than later that peppy performance is gone.

Why do computers slow down? There is no single answer; a combination of factors contributes to the gradual degradation of a computer's performance. The causes fall into three categories. The first is hardware design. The second is virus and spyware infiltration.

The third is caused by some of the remedies applied to cure the first two causes.

We looked at some of the key ways Windows PCs get bogged down. We will tell you about disk fragmentation, conflicting DLLs, registry issues, viruses and spyware, and other things that can cause the processor to sputter. Once the causes are exposed, we will explore the most popular cures.

Hardware Issues

Over time, files on the hard disk get spread out. Known as fragmentation, this scattering is caused by adding programs, deleting programs, and modifying files. All contribute to the clutter on the hard drive that develops with continued use of the computer.

Hard disks are designed to store data in predetermined clusters of storage space. Smaller files leave unusable "free space" within these areas, and oversize files are split into numerous clusters. These stored file segments become more fragmented as the hard drive absorbs data.

The more fragmented stored files become on the hard drive, the longer it takes the reading apparatus to pull together all of the data and assemble them in their original order. Similarly, when more data is written to a fragmented hard drive, it takes longer to find enough unused clusters to store the data segments.

This problem often is compounded by physical defects on the hard drive's surface. Hard drives can develop bad sectors that slow down performance and make file saving difficult or impossible.

Drained Resources

Almost as deadly to a computer's performance as a cluttered hard drive is a lengthy list of start-up programs. This problem often starts at the factory, where the manufacturer bundles numerous programs as part of a marketing campaign or licensing agreement with software makers.

Many of the installed programs are configured to start when the computer boots, even if the consumer does not want these programs to run. Often, special utilities that enhance features in software or hardware components run in the background. Most consumers, however, have no idea that these programs are running because the software does not show up on the screen. But they might show an icon in the system tray, where they sit idly waiting to be discovered.

These programs take a large bite out of system resources. The more programs that run at one time, the greater the drain on system resources. Typically, a computer should have 85 percent to 90 percent of its total memory available for use after the computer starts. Too many programs running at start-up, however, can drain those memory resources to as little as 50 percent before the user opens any real programs like a word processor or a Web browser.

Software and Malware Galore

Some of the biggest causes of sluggish computer performance are spyware programs running in the background and adware that causes Web browsers to slow to a crawl. The term "spyware" refers to any software that runs meddlesome tasks such as displaying ads, collecting personal information, or reconfiguring the computer, usually without the user's consent or knowledge.

The term "adware" refers to programs that are specifically advertiser-supported, and "malware" is software that interferes with the functions of other applications, like viruses, worms, or Trojans.

To defend against these onslaughts, computers also are burdened by antivirus and antispyware programs, in addition to other intrusion-protection software such as firewalls and e-mail spam filters.

These defensive measures can slow down computer performance by as much as 15 percent, according to some analysts.

"Computer slowdown is caused by many factors, including malicious software running in the background and 'heavy' security solutions that drain system performance," said Leon Rishniw, vice president of engineering for computer security firm CloudMark.

He said the two largest causes of PC slowdown are forgotten third-party utilities and spyware. "Many of the popular third-party applications floating around, such as the peer-to-peer programs of dubious quality, not only install with spyware but also consist of multiple components that are difficult to remove," said Rishniw.

Clearing the Clutter

One of the easiest cures for sluggish PCs caused by an aging hard drive is included in the Windows operating system. Microsoft's own Disk Defragmenter and Disk Cleanup utilities are located in the Start menu under Accessories/System Tools.

Disk Cleanup checks the hard drive for unnecessary programs and other clutter, such as temporary Internet files. Running this clean-up program at least once a month will keep free space on the hard drive available to speed up file access.

Disk Defragmenter is a very reliable program. It analyzes the condition of the hard drive and optimizes folders and files. When the file shuffling is completed, the hard drive is reorganized so that files are stored in contiguous clusters, speeding up computer performance tremendously.

Monitor the hard drive fragmentation ratio weekly. When Disk Defragmenter shows the drive is fragmented more than 10 percent, click the Defrag button. Plan on doing this at the end of the work day. Given the size of today's hard drives, the fixing process can take several hours.

Other Strategies

Other cures are available as third-party software applications. Symantec's Norton SystemWorks 2006 ($69.99) is a suite of computer maintenance tools that picks up where Microsoft's built-in utilities leave off. It includes programs that defrag the hard drive, remove outdated Windows Registry entries and fix DLL files that can cause system conflicts that slow down performance.

Raxco Software's PerfectDisk 7.0 ($39.95) defrags hard drives and goes one step further. It also consolidates the free space that defragging creates on the hard drive. This helps to keep the hard drive running uncluttered for longer periods of time.

One of the most useful self-maintenance tasks is to clear out unused programs before defragging the hard drive. Go to your Control Panel and select the Add/Remove function. Scroll down the list and highlight programs that are never used. Click the Remove button.

Just as important as ridding the hard drive of unneeded applications is stopping programs from running at start-up that you don't use. To do this, click on the Run link in the Start menu and type: msconfig. Then click the OK button.

This command launches the built-in system configuration tool. Click on the Start Up tab and scroll down the list of programs, clicking the check box to remove the undesired programs. When finished, click the OK box.

When the computer reboots, only the programs still marked with a check will load. If you discover that you need or want a disabled program to load each time the computer starts, just repeat the process and click the check box for the desired program.

There are a few items that you absolutely need, including ScanRegistry, TaskMonitor, SystemTray, and LoadPowerProfile. Of course, you do not want to disable the antivirus program or the Internet security or firewall program, either.

Fighting Malware

Virus and spyware programs are almost impossible to avoid without protective software tools. Antivirus programs are very successful in catching viruses and eradicating them. Only run one program of this kind because two or more will drain resources and will interfere with the other programs.

But spyware is a much more complex process. Spyware is more difficult to spot and remove. Many software products take different approaches, and it is very common for one antispyware program to miss one or more infections while another product finds the spyware. To be safe, you should run more than one of these applications.

"As more and more average users utilize their home PC as a gateway to their bank account and other financial management tools, spyware creators will be presented with an increasingly juicier target from which they can harvest data," said CloudMark's Rishniw. "Clean-up tools are important, but by the time users need them, their personal data has already been compromised."

To minimize that risk and to speed up sluggish computers bogged down from spyware, scan for infections at least once daily.

Spyware Treatment

Two of the more well-known and well-regarded free programs are SpyBot Search and Destroy and Lavasoft's Ad-Aware. Both of these gems are regularly updated with the latest spyware definitions.

Both programs run when you launch them so they do not consume system resources continuously. Spybot, however, can be configured to hook in to system components to block spyware intrusions even when the scan engine is not actively searching for spyware.

SpySweeper by Webroot ($29.95) runs in the background and hooks in to system components for real-time protection against spyware attacks.

Microsoft AntiSpyware Beta 1 is currently free. It provides real-time protection and is based on a very popular product acquired by Microsoft from Giant Software.

Tenebril's SpyCatcher ($29.95) provides real-time spyware protection and claims to stop next-generation, mutating spyware. It also blocks reinstallation of aggressive spyware.

One of the newest product trends is an all-in-one suite that protects against virus and spyware infections and provides firewall protection for broadband Internet access. The advantage to this software approach is that all the updates are performed at the same time and there is just one product to use.

ZoneAlarm Internet Security Suite 6.0 ($69.95) and Panda Platinum Internet Security 2005 ($79.95) are two of the newest products that provide these all-in-one protections.

Users Aren't Protected Against Spyware



Date: 10/25/2005


(WEB HOST INDUSTRY REVIEW) -- Spyware is becoming increasingly destructive and sophisticated, according to security experts who warn that users are still failing to take basic steps to protect themselves against the threat.

Eric Chien, a senior researcher at Symantec (symantec.com), says that spyware is creating a significant problem for big businesses, resulting in important data leaking out of their organizations on a daily basis. Despite this, too many organizations have not properly educated or protected their employees from the growing threat.

Chien says techniques such as screen capture, key logging, behavioural analysis and common word recognition are all methods used by spyware applications to build a profile of a user. At the recent Virus Bulletin conference in Dublin, Chien detailed the ways in which spyware can break into a computer.

Chien demonstrated the detailed data relayed by one piece of common spyware, explaining that such applications will infiltrate both personal and corporate data. A more advanced spyware application is programmed to activate when any one of hundreds of Web sites is visited and certain words encountered on the page.



Internet Users Cut Back Because of Fears



WASHINGTON (AP) -- As identity theft has grown, so has fear of being victimized through high-tech means.

Nearly a third of Internet users are cutting back on time spent surfing the Internet and a quarter say they have stopped buying online altogether, according to a study from Consumer Reports WebWatch.

Some 80 percent of Internet users say they're at least somewhat concerned someone could steal their identity from personal information on the Internet. Fifty-three percent of Internet users say they've stopped giving out personal information on the Web.

Among those who shop online, 54 percent say they're now more likely to read a site's privacy policy or user agreement before buying and 29 percent have cut back on how often they buy online.


The random telephone-based survey of 1,501 Internet users aged 18 and older was conducted May 19 to June 21. It has a margin of sampling error of plus or minus 3 percentage points.

© 2005 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.


10/25/2005

Security awareness training: How to educate employees about spyware


We all know the threats posed by spyware to enterprise networks: user ID and password theft, financial loss, productivity drain, intellectual property theft. Security practitioners have two defenses at their disposal: the human and the technical. While the technology for combating spyware is improving, antivirus vendors have only recently started adding functionality to target it. That means the best defense is the human one – employees and end users. They can help in the battle against spyware through security awareness training and information security policies.

Educating end users about spyware should be part of any comprehensive security awareness training. It should be part of at least a half-day or, preferably, whole-day training required of all employees at all levels, from the executive suite down to the receptionists and security guards at the front door. Everybody uses a computer today. Training should be a condition of employment with mandatory attendance noted as part of annual performance reviews. As the number of security threats keeps growing every year, training should be updated annually and employees should be required to take it once a year.

Training conducted in groups of a few dozen at a time will not disrupt daily operations, yet it can still cover the entire staff over the course of a year. Your IT/Information Security staff members should have the background to put together and conduct training without having to look elsewhere. But if staffing is an issue, consider professional trainers from outside the company.

Awareness training should cover the following:

* Safe Web surfing
* Acceptable uses for the Internet (for those allowed access)
* Policies against downloading software to desktops
* The types of Web sites that are prohibited by policy, especially those likely to breed spyware
* Tips on spotting potentially infected desktops
* When to call the Help Desk

Reinforce training efforts with monthly newsletters that include security awareness tips. Focus on a new topic each month, and make spyware one of those topics. Newsletters can be designed to be colorful and eye-catching. Also, consider a "Security Awareness" award for an outstanding employee who was alert and saved the company from a spyware, or other, incident. Put the employee's picture in the newsletter. Internal publicity is a real morale booster.

Policies for preventing spyware are similar to those for protecting a network from other uninvited malware, such as viruses, worms and Trojans. The most effective policy is to prohibit employee access to the Internet altogether. But this may be unrealistic since many employees need Internet access for their work. At the very least, keep Internet access tightly controlled and be sure that those with access do, indeed, have a legitimate business need.

Spyware/malware policies include prohibiting users from downloading software from the Internet, including file-sharing software and toolbars, and prohibiting users from visiting questionable Web sites, the most obvious being pornography and gambling sites. These types of software and Web sites are notorious for harboring spyware.

Here is sample language for an end user policy:

"Employees shall not deliberately download any software from the Internet to their desktops without specific written permission from the Information Security department. Users are warned that all their Internet activity is subject to logging and monitoring at any time and that inappropriate use may subject them to disciplinary action up to and including termination."

A policy targeting spyware prevention specifically might state the following:

"Users are advised to report to the Help Desk suspicious activity on their desktops, such as excessive pop-up windows opening simultaneously, unusually slow desktop performance or their Web browser being redirected to unwanted sites, such as pornographic or gambling sites. They should seek assistance from the Help Desk and advise that they suspect their desktop has been infected with spyware."

Lastly, provide users with something, such as this checklist, which can serve as a constant reminder to be vigilant in the fight against spyware.

About the author
Joel Dubin is an independent computer security consultant based in Chicago. He specializes in web and application security and is the author of the recently released book The Little Black Book of Computer Security available from Amazon.


SPYWARE SURVEY: DO USERS WANT UNCLE SAM IN THIS FIGHT?


Last month the Federal Trade Commission underscored its new OnGuardOnline.gov initiative against online fraud and ID theft by going after a New Hampshire company whose business model apparently includes surreptitiously downloading spyware bundled with anonymizing peer-to-peer software.

The company's founder, Walter Rines of Stratham, N.H., denies any wrongdoing, pointing to a disclosure deeply buried in the user agreement and an uninstall tool that, the FTC claims, actually adds more software. Whether a judge later decides that Rines' Odysseus Marketing plan is legitimate or that the company should be shuttered, the move signals the government's increased role in hunting down parties behind one of IT security's biggest headaches: spyware.

"It's a big deal," Ari Schwartz, associate director of the public-private advocacy group Center for Democracy and Technology, told the Associated Press. "It shows the FTC can work its way backward down the chain."

It's a significant link in that chain, too, for the feds to ramp up their search for spyware promoters, according to an online SearchSecurity.com survey conducted last month. Fifty-two percent of 304 IT professionals said the government should regulate spyware. Some 24% thought the government should stay out of it, while almost as many weren't sure. Those still uncertain could lean towards government intervention if these pursuits do shut down sites and land more malicious code writers behind bars.

Government employees, by the way, represented the biggest demographic taking the survey. One in five serves in IT at the local, state or federal level.

"Government is supposed to be about protecting the people, not controlling them and not subjugating them to anything," said one of those surveyed, an information systems manager and network engineer named George Kincer, who works for a 210-employee department within the state of Tennessee. "And I think both the state and federal levels have failed to recognize the problem and to deal with it.

"Now the failure could be the result of good lobbying," Kincer added, hinting at the influence of well-moneyed constituents with a stake in how spyware is defined. "And it could be a case of people just not recognizing what's going on soon enough."

Kincer said two years ago he tried to get his legislators to propose antispyware legislation and no one seemed interested. Voters in other states pushed similar initiatives, but the vagaries surrounding so-called illegal programs drew bill-busting criticism. However, much has changed since then, with spyware more sinister and its economic impact easier to discern. Time's now ripe, the seasoned systems manager believes, to insist on a stronger response from government, beginning with establishing legal parameters and acceptable behavior in the Internet community.

Until then, that responsibility falls largely on consumers through common sense (don't download or open anything from an untrusted source) and employees abiding by enterprise acceptable use policies. SearchSecurity.com survey respondents tended to have a written policy that prevented or limited freeware, P2P, toolbars and other suspicious downloads. In fact, the ratio of those with a written policy to those without ran 2-to-1.

Now, whether employees follow the company's rules is another matter entirely.

Among the more surprising findings in the SearchSecurity.com survey was the high number of readers who claimed their users aren't aware of spyware's dangers. Almost 47% believed a majority of users were clueless. Another 40.5% gave users credit for at least knowing the dangers, while 12.8% weren't sure.

Those numbers buck a new Trend Micro survey of 1,200 international users that found 87% were aware of spyware and the risks the malicious code poses. Forty percent of U.S. workers had encountered spyware, compared to 23% in Germany and 14% in Japan. The same company, however, also discovered in the results that workers took more risks online while at work, believing the company had more technical safeguards in place to prevent infestations. Such brazen behavior obviously undermines security administrators' efforts, especially their acceptable use policies.

Consumers are again asking the infrastructure owners, particularly Internet service providers, to step up and help block spam and spyware. But their contributions are still controversial.

Meantime, the government's judicial arm must wield more weight -- and results, survey respondents say. "They've only prosecuted so few virus writers and hackers that until they clamp down on these spyware people, it's only going to get worse," said Dana Wood, a computer and network specialist with Dinshaiwa, a power-tool company based near Portland, Oregon.

Kincer believes improvements are coming. He has some simple advice for those in the trenches grappling with spyware on their systems. "Have patience. Have faith. Things are getting better."


Mi5 Networks Joins the Anti-Spyware Coalition to Help Define and Fight Spyware; Joins Group to Help Protect Enterprises from Growing Spyware Threat


SUNNYVALE, Calif.--(BUSINESS WIRE)--Oct. 25, 2005--Mi5 Networks today announced that they have joined the Anti-Spyware Coalition (ASC), an organization consisting of the world's most prominent anti-spyware providers dedicated to building a consensus about definitions and best practices in the debate surrounding spyware and other potentially unwanted technologies. As an ASC member, Mi5 Networks will work towards helping create a unified definition to ensure a common foundation for protecting enterprise customers from spyware and other malware threats.



"The Anti-Spyware Coalition is pleased to have Mi5 Networks participating in this collaborative industry initiative," said Ari Schwartz, Associate Director for Center for Democracy and Technology. "We look forward to Mi5's help to further the organization's goal of preventing cyber security threats as the ASC continues its collaborative efforts to help companies create tools to defend against a variety of malicious attacks, including adware, system intrusion and spyware."

"With the constant expansion and evolvement of spyware, it is critical for anti-spyware vendors to have a forum where definitions and processes can be defined together as an industry," said Doug Camplejohn, CEO and Co-Founder of Mi5 Networks. "We look forward to working with the ASC to address these important issues."

More information on the ASC and its proposed spyware definitions can be found at www.antispywarecoalition.org.

About Mi5 Networks

Mi5 Networks is headquartered in Sunnyvale, California and dedicated to addressing the growing threat of spyware for enterprises. Mi5's team consists of industry veterans from leading networking and security companies. Mi5 can be reached at 888-ANTI-SPY or www.mi5networks.com.


MessageLabs Survey Finds Spyware No.1 Web Security Issue for Australian Businesses


25/10/2005 09:18:52

Australian businesses see spyware as their top web security issue, above employees accessing unauthorised Internet sites and web-based viral threats and malware

Sydney, 25 October 2005 – MessageLabs, the leading provider of messaging security and management services to businesses, today announced the results of a new survey of Australian businesses’ top security concerns and issues. The survey found that Australian businesses see spyware as their top web security issue, above employees accessing unauthorised Internet sites and web-based viral threats and malware. It also found that sixty percent of companies have already experienced some form of spyware related issue.

In a survey of Australian businesses conducted by MessageLabs in September 2005, almost half, 49 percent, of the respondents cited spyware as their biggest web threat and 66 percent ranked spyware in their top five overall IT security priorities.

“As IT security measures become more effective, the cyber criminals have to be more sophisticated in the way they infiltrate corporate networks – constantly evolving new methods of attack,” said James Scollay, Vice President MessageLabs Asia Pacific.

“Attackers now combine an understanding of human behaviour with technical subterfuge. We are seeing targeted spam posing as legitimate email which encourages readers to open links to sites which unintentionally download malicious code such as spyware. With two thirds of Australian businesses already victim to spyware attacks, they cannot afford to put off protecting themselves from the increasingly convergent threats within email and web traffic,” explained Scollay.

MessageLabs is the only major managed service provider able to provide security services for both business email and web traffic. “Keeping up to date with new security threats places huge pressure on internal IT resources. MessageLabs’ managed service approach draws on the expertise of a global team of experts that constantly identify threats to stop them within the fabric of the Internet before they hit the corporate network,” Scollay added. MessageLabs’ managed service approach provides organisations with a complete managed security solution, without the hassle, inconvenience or additional cost of traditional software or hardware solutions. These services ensure the integrity of electronic communications, helping businesses to manage and reduce risk while securing their critical infrastructure and business information.

Key Survey Findings:

• Almost half (49%) of the respondents see spyware as their #1 web security issue.
• Two thirds (66%) of respondents said spyware ranked in their top five IT security issues.
• Almost 60% of respondents had already experienced spyware issues.
• Yet over one third of companies currently have no web filtering in place.
• Almost half will introduce new or additional anti-spyware measures in the next 3-6 months.
• As a perceived potential security issue, the proportion of respondents identifying email threats has halved from 12 months ago from 62% to 32%; while spyware has increased eight times from 3% to 24%.

About Spyware

Spyware is code on a computer that gathers information about a person or organisation without their knowledge. It may be distributed via emails or when downloading a web site. Spyware can steal sensitive corporate or personal information, disable mission-critical software and disrupt information systems.

Methodology

MessageLabs conducted the telephone survey of 81 Australian businesses about their IT security needs in September 2005.

About MessageLabs

MessageLabs is the world's leading provider of messaging security and management services with more than 12,000 clients and offices in eight countries. For more information, please visit http://www.messagelabs.com


10/24/2005

CallingID Introduces 'Safety Seal' Multi-Level Protection Against Internet Fraud



NEW HAVEN, Conn., Oct. 24 /PRNewswire/ -- CallingID today announced a
totally effective, multi-level solution, "Safety Seal," that fully protects
both the web site and the end user from all known Internet fraud, but doesn't
require changing login procedures.

The new guidance issued last week by the Federal Financial Institutions
Examination Council (FFIEC) and the recommendations published June 2005 by the
Federal Deposit Insurance Corporation (FDIC) require strong authentication
when a customer logs into his bank account over the Internet. CallingID
Safety Seal protects users from every known form of Internet fraud, including
phishing, pharming, spyware, malicious proxies, trojans and key loggers.

CallingID for the Internet, the PC download that facilitates Safety Seal
authentication, provides authentication of every web site visited. Fifty-two
CallingID verification checks are run behind the scenes to confirm when a
website is actually the site one thinks it is. CallingID displays the owner
of the site and its location and verifies that it is a real organization
conducting business in a known physical location. There is no learning curve
and it is easy to implement for the large enterprise, eCommerce websites as
well as the consumer. Users can download CallingID for the Internet for free
from http://www.callingid.com/download.aspx. Installation is quick and
simple.

While the threats of Internet fraud have become major issues for eCommerce
and online banking, the more costly problem is a sizeable number of reluctant
consumers who will not conduct online transactions, online banking, or enter
personal information on a website because they don't know how to verify the
sites' legitimacy.

One study found that almost 60% of U.S. households were extremely
concerned about banking online. Other recent research shows the first decline
in five years of U.S. households that believe Internet-based transactions are
secure.

CallingID solves these problems by providing a new service for sites
registered as "CallingID Safety Seal Verified" which fully protects the site's
users when they login to their web account.

The CallingID technology is a far more secure solution than others since
it provides three layers of protection: mutual authentication, full protection
against phishing and full protection to bypass spyware.

CallingID for the Internet Provides Mutual Authentication

Usually, when a user tries to login to a web site he provides his login
parameters so that the site can authenticate him. CallingID for the Internet
enables the user to authenticate the site he visits and to verify that this is
really the site he wants to provide his personal information to. The
authentication of the site for the user is done by displaying the owner of the
site and its location, verifying that it is a real organization conducting
business in a known physical location and executing 52 verification tests to
eliminate potential fraud.

Safety Seal Basic Protects Users from Submitting Login Parameters to Any Fraud Sites

This solution detects incidents where personal or confidential data users
are about to send might reach a site other than the protected site they had
intended sending data to. An immediate alert automatically calls users'
attention to prevent such action.

Safety Seal Pro Protects Users' Desktop from Trojans and Spyware When They Login

With this solution, CallingID encrypts the key sequence when users type
their password and prevents trojans or spyware from detecting the password
typed. The spyware is given a misleading password while the real password is
securely transferred to the server.

"The critical need for a comprehensive anti-phishing and anti-spyware
solution has become a major concern for banks and eCommerce providers," said
Yoram Nissenboim, CallingID's CEO. "Millions of users are being lured by
Internet scammers to access bogus websites, and submit their personal
confidential details. Customers need to feel confident that they have the
best protection against identity and money theft, and CallingID provides the
level of confidence and security that clients seek while preserving their
login process."

About CallingID

CallingID provides solutions that encourage usage of the Internet for
business, helping customers avoid Internet fraud (phishing, pharming, spyware
and trojans) focusing on online banking, eCommerce and corporate sites as well
as individual Internet users. CallingID's offices are located in New Haven,
Connecticut and the R&D team is based in Haifa, Israel.

Gambling, Porn in Workplace Breed Spyware




October 21, 2005
By Sharon Gaudin

Some security pros estimate that half of all spyware on corporate networks comes from employees going to pornographic and gambling Websites on company computers.

"I think a lot of companies are blissfully unaware of what their employees do on their networks," says Ken van Wyk, principal consultant for KRvW Associates, LLC and a columnist for eSecurityPlanet. "If you take generic commercial America, a pretty good percentage of sites don't spend a lot of time and energy monitoring what their employees are doing. It's still seen as somewhat of a stigma. People are on an honor system. If you believe those statistics, apparently the honor system isn't working."

And van Wyk says this can mean trouble, since spyware is no longer the nuisance it used to be.

"I think the potential for spyware to do really bad things is certainly out there," he adds. "The potential for danger is pretty daunting. I certainly wouldn't want any of that sitting on my network."

Bob Hansmann, a senior manager at Trend Micro Inc., which has its U.S. headquarters in Cupertino, Calif., says spyware is increasingly troublesome for companies. And he says employees largely are to blame for it.

IT administrators instantly would be able to reduce spyware by as much as 50 percent if they could keep users from visiting pornographic and gambling Websites while on the job, says Hansmann. He notes that when customers start using URL filtering software, blocking porn and gambling sites, their spyware problem has been cut in half.

Hansmann tells the story of some IT professionals working to patch their network. While they were waiting for the patches to download, they would use another machine to surf the Net, visiting pornographic sites. The IT people actually became the source of the company's spyware infections while they were in the process of following a good security practice.

User Complacency

Ken Dunham, a senior engineer for VeriSign iDefense Intelligence based in Mountain View, Calif., says most users are visiting these Websites because they don't think they'll ever be caught. They also might think it would be better to be caught on these Websites at work than at home.

"There's a certain degree of complacency. They wouldn't do it at home because they're afraid of what [malware] they might get. But they'll surf at work because it's not their system, and they don't think they have to worry about it... It's like owning a house or renting a house."

When someone visits many of the online gambling or porn sites, they might get legally installed spyware or they might be silently infected with illegal spyware or adware. Some sites will alert the user that a program is going to be downloaded and ask for the OK. Other sites will illegally reroute the user to another site without their knowledge where a bunch of spyware will be installed silently and without the user's permission.

"To view a site, you might have to install an ActiveX object to view what's on that site," explains Dunham. "Or you might have to install some code. A lot of porn sites require you to download an executable so you can view the pictures or the movies. That executable should be seen as quite suspect. It's an executable. They'd have spyware attached. That might even be a legal installation, but it was presented and someone clicked on it being OK.

"The user might run an application and not realize it's installing stuff you don't know about," he adds. "There are a lot of installations where you have no idea what you're getting. You think you're just getting this pornography package but there might be a bunch of things being installed with it and you have no idea."

Blocking Porn and Gambling

So why don't IT administrators just block pornographic and gambling sites?

Well, it's not as easy, or effective, as it might seem.

Van Wyk says IT admins need to combine technology with a strong policy to have any chance of making it work. He recommends trying a URL blocker that would sit in line with the firewall. And then he says the company needs to come up with a strict policy that states that the company's computers and network are to be used for legitimate business purposes only. It also needs to spell out that workers will be monitored, there should be no expectation of privacy and there will be repercussions if the rules are broken.

"You have to realize that this is not a trivial thing," says van Wyk. "If you go looking for something, you better be prepared to act on it. There is an administrative burden in following through on that."


UK has third highest spyware levels



James Brown, Computing 21 Oct 2005

The UK has the third highest rate of spyware infection in the world, according to research conducted by IT security firm, Webroot.

With up to 18 infections per machine, the epidemic is said to be costing the country's businesses £445m in lost time and productivity.

Richard Stiennon, Webroot's vice president of threat research, says the problem of spyware has grown quickly because people are downloading adware and getting infected with it.

'From that they get pop-ups, for which they often installed things like Google ad-blockers, without trying to get the offending program off their systems. So the spyware remains, booting up from start up directories, and trying to connect to the internet all the time, watching what you browse and reporting its data,' he said.

Stiennon says infection in the UK is high because a lot of the spyware has been designed specifically for English-speaking countries. The only places with higher rates of infection are the USA and Thailand.

'The US has always been the epicentre of spyware and adware, so the UK has been a victim of speaking and understanding the same language that is being attacked in the first place,' he said.

'However, we are starting to see spyware being written in Farsi, as well as Asian and Indian languages, so we know the writers of these programs are branching out and looking to exploit new areas to help make profits.'