McAfee today revealed its McAfee Threat Report for the third quarter of 2010. Information like that provided by McAfee in these quarterly reports is valuable for IT admins -- enabling them to keep a finger on the pulse of malware, and to stay in touch with emerging attack techniques and trends.
After over 10 years of active participation in the honeypot community, I was surprised not to have heard of MicroSolved's HoneyPoint Security Server before I started planning this roundup. HoneyPoint runs on Windows, Linux, and Mac OS X, and offers some useful features -- such as "defensive fuzzing" and the ability to track alert status -- that KFSensor and Honeyd don't. But HoneyPoint is neither as easy and complete as KFSensor, nor as flexible and scalable as Honeyd.
Trend Micro has released a tool that administrators can use to scan dozens of computers at a time for Stuxnet, the malicious software program that has raised widespread concern for its targeting of industrial systems made by Siemens.
Security researchers, working with law enforcement and Internet service providers, have disrupted the brains of the Koobface botnet.
Microsoft has offered free protection with Microsoft Security Essentials (MSE) for some time, and it recently expanded the availability of the antivirus protection for small businesses. A recent move to push out Microsoft Security Essentials to Windows systems that don't have any antivirus protection, however, has some rival security vendors up in arms. From Microsoft's perspective, though, it's a little "damned if you do, damned if you don't".
The Black Hat security conference will kick off in Abu Dhabi on Monday with new information revealed about the Stuxnet malicious software program along with other cutting-edge research.
Last week a malware threat emerged that impacted both Windows and Mac OS X systems. To be fair, the attack is more social engineering than PC exploit, but it impacts Mac OS X users just the same. ESET's David Harley has written a more detailed analysis of the Boonana threat, and identified some elements that are contrary to initial reports.
A massive takedown operation conducted by Dutch police and security experts earlier this week does not appear to have completely dissolved the Bredolab botnet, but it is unlikely to recover.
Dutch police took unprecedented action in taking down a botnet on Monday: They uploaded their own program to infected computers around the world, a move that likely violated computer crime laws.
A group of malicious hackers who attacked Twitter and the Chinese search engine Baidu are also apparently running a for-rent botnet, according to new research.
Microsoft Security Essentials is fake. Well, it is and it isn't. Microsoft Security Essentials is a free antimalware protection program from Microsoft, but a new malware threat identified by security software vendor F-Secure is also masquerading as Microsoft Security Essentials. You want to avoid that one.
In the course of researching and preparing volume 9 of the Security Intelligence Report, Microsoft analysts discovered an interesting trend. According to Microsoft's findings, attacks against Java have recently surged to unprecedented levels -- dwarfing attacks against Adobe PDFs.
Everyone knows that the Mac OS X operating system is just inherently secure. Any Apple loyalist will gladly explain to you everything that is wrong with Microsoft Windows, and how happy they are with not having to worry about malware and exploits on their shiny new Mac. So, I guess Macs don't need security software and we have nothing left to talk about...
A recently discovered category of malware -- advanced evasion techniques -- can sneak through most intrusion-prevention systems to deliver even well-known exploits such as Sasser and Conficker to targeted machines without leaving a trace of how they got there, researchers say.
Microsoft this week unveiled the ninth volume of its Security Intelligence Report (SIR). The semi-annual assessment of the state of computer and Internet security and overview of the threat landscape generally yields some valuable information. This particular edition of the Security Intelligence Report focuses its attention on the threat posed by botnets.