Antivirus News

Centralized eMail Security at the Mail Server level just got better and a lot more advanced in technology. The pioneer of innovations in AntiVirus, AntiSpam and Content Security, MicroWorld Technologies today launched MailScan 5 for Mail Servers, the comprehensive Mail Security Solution at the Mail Gateway of organizations and business houses.

(PRWeb) January 22, 2007 — eMail is a vital part of the present day business communication for enterprises of all segments and sizes. And it’s of paramount importance to safeguard the email infrastructure from a multitude of threats like Viruses, Worms, Trojans, Backdoors, Spamming and Phishing.

“If you are talking about a comprehensive, end-to-end protection for Mailing Systems, it ought to be right there at the Mail Gateway,” said Govind Rammurthy, CEO of MicroWorld Technologies, at the launch of MailScan 5.

“With the new version of MailScan, we empower the Mail administrator with some future defining technologies that can intelligently detect and block all kinds of malicious programs in mails, filter out spam with impeccable accuracy and enforce a comprehensive Mail Security Policy for the entire organization. While we sharpen our precision in nailing down individual challenges in email security, never do we lose sight of the complete picture.”

MailScan works at “TCP/IP Port level” and hence does not require an additional machine to act as a gateway. It’s powered by the revolutionary ‘MicroWorld WinSock Layer’ technology, the first of its kind in the world. Data packets coming at different TCP/IP ports are assembled at the MWL Layer and get scanned for Malware before and after the Mail Server sends or receives mails.

With MailScan 5, MicroWorld is introducing to the world a revolutionary technology in Spam Fighting named as NILP (Non Intrusive Learning Patterns). Govind Rammurthy explained what the technology is all about,

“NILP is an advanced Spam Filtering method based on the principles of Artificial Intelligence, with the ability to analyze each email according to the Behavioral Patterns of the user and take an informed decision there after. This system comes with an inbuilt capability to learn on its own and makes the most accurate decisions in weeding out spam.”

Some key features of MailScan are a combination of other technologies used for multi-layered Spam Filtering, Power to block Image Spam, TCP Connections, LDAP Authenticated Administration, Real-Time Antivirus, Advanced Heuristics, Attachment Filtering, Autogenerated Spam Whitelist, Attachment & eMail Archiving, Real-Time Content Scanner, Integrated Mail Security Policies, Customized Disclaimers and Extensive Reports.

About MicroWorld
MicroWorld Technologies (www.mwti.net) is the developer of the world’s most advanced AntiVirus and Content Security software eScan for Desktops and Servers. Its gateway-level email security software, MailScan, is a comprehensive mail scanner for SMTP/POP3 Mail Servers. MicroWorld Winsock Layer (MWL) is the revolutionary technology underlying these products, powering them to several certifications and awards by some of the most prestigious testing bodies, notable among them being Virus Bulletin, Checkmark, TUCOWS, Red Hat Ready and Novell Ready. On the Network Security side, MicroWorld offers a powerful, futuristic network firewall branded as eConceal.

To learn more, kindly visit http://www.mwti.net.

Japanese law enforcement authorities have taken down what they claim to be a massive spam operation responsible for sending out more than five billion junk emails over a two-month period in the summer of 2006. A total of four men were arrested including Yoshimitsu Hirono, president of large Japanese dating site Takumi Tsushin, based in Tokyo.
The police believe he was responsible for the orchestration of a massive spam operation that saw tens of millions of people receiving unwanted messages every day in July and August last year. In order to carry out their mass mailing the group built and operated a 128-strong computer cluster that was physically located in China and was remotely accessed from Japan. It was used to mass-mail advertising material for Hirono�??s dating site utilising a huge illegal database of Japanese email addresses. The Takumi Tsushin dating site is believed to have significantly profited from the spamming operation, boosting client numbers and making up to $1 million every month. Police say the four men who were detained in connection with this case have already admitted their guilt.

According to a report in the Daily Mainichi, the spamming group used China as a base not only to cover their tracks, but also because running costs there are much lower. Over the past years China has consistently performed as one of the top spam-relaying countries, second only to the US.

Trend Micro will begin shipping its Certified for Windows Vista Internet security suite on 30 January.

The security firm’s Internet Security 2007 has been available for Windows XP and older versions since September 2006. But the full suite will shortly be made available for Vista users.

For Windows Vista consumers just wanting antivirus and anti-spyware, the company announced that the Certified for Windows Vista Trend Micro AntiVirus plus AntiSpyware 2007 will be available on the same day.

The Vista product incorporates the Trend Micro PC-cillin engine and anti-malware protection along with a host of new features addressing root-kits, spyware, phishing, spam, hacking, viruses, Wi-Fi attacks, smartphone threats and the growing number of ID threats.

The subscription also includes TrendSecure online security services.

Ben Fathi, corporate vice president of the Security Technology Unit at Microsoft, said: “Our security partners play a vital role in the early adoption, development and delivery of Microsoft technologies.”

There are hundreds of millions of spam email messages being sent every
day. This has been a significant problem as spam covers 90% of all emails
worldwide. Now this has become an even bigger challenge due to increased
volume of image spam.

Image spam is a serious and growing problem, not least because of its ability
to circumvent traditional email spam filters to clog servers and inboxes. In
just half a year, the problem of image spam has become general enough to be
representative of 35 per cent of all junk mail. Not only this, but image spam
is taking up 70 per cent of the bandwidth bulge on account of the large file
sizes every single one represents.

Apart from taking up valuable bandwidth, the time taken to filter out and
destroy spam represents a significant burden on both IT staff and personnel
in businesses and organizations. At the same time, operators themselves are
building ever more efficient email servers and bandwidth capacity in order to
deliver emails that nobody wants!
 
Ironically, at the heart of the problem are ordinary computer owners
completely unaware that their computers are being used to launch the very
attacks that end up in their inboxes. This is achieved through botnets, where
computers are silently infected and activated as part of a larger raft of
computers to do the spammers’ bidding. Vast majority of all the spam is being
sent from these botnets of zombie computers.

To give some idea about the scale of the problem a typical Warezov-based
botnet can send 160 million spam messages in just two hours. And last year
botnets raised the volume of spam in circulation by 30 per cent. For
enterprises, often the target of spam attacks, that figure was 50 per cent.

Spam originally used basic text captured in a GIF image to bypass standard
dictionary-based content filters but this has now morphed into image spam.
Image spam is characterized by patchwork colours, multicolour characters with
pixel-level randomization. It also features the use of random nonsensical
text messages sampled from legitimate web sites between the hard sell of
products like Viagra and other popular pharmaceuticals.

In the war against this new menace are ever-more efficient spam filters. In
practice, all of the most recognized spam filter systems have upped their
game in order to deflect these new techniques. Technology aside, Mikko
Hypponen, Chief Research Officer at F-Secure believes there is a larger issue
to address - people themselves: “We will never rid ourselves of spam until
people stop buying the products advertised in these mails. Spam obviously
works, otherwise we would not see it so prevalently,” he concluded.

F-Secure Messaging Security Gateway has a unique approach to combat
image-based spam, and uses several advanced techniques specially designed to
detect image-based spam messages. These improved techniques in
Proofpoint-powered MLX include fuzzy matching for obfuscated images, dynamic
spam image detection, animated GIF spam detection and dynamic botnet
protection. Using these image-based spam specific techniques with other
existing spam detection techniques with fully automatic updates, F-Secure
Messaging Security Gateway is able to provide comprehensive solution to it’s
customers.

Social networkin g sites like YouTube, Orkut and MySpace, that were a mad rage among young netizens last year, may be hot targets for virus attacks this year. 
 
Research by F-Secure tells us about dangerous vulnerabilities in Cross Site Scripting (XSS) that is used on some of these sites. Niraj Kaushik, country manager, Trend Micro (India & SAARC) speculates, �??Web threats will impact consumers and corporations alike through confidential information leakage, identity theft, bot infection, adware/spyware installation, and the like.�?� 
 
In 2007, Trend Micro also expects to see the bot threat grow with its creators finding newer methods to install them in users machines. �??More ingenious social engineering and software vulnerabilities will be the likeliest candidates for this,�?� adds Kaushik. 
 
In 2005, security pundits declared there was a marked decrease in the growth rate of spam and some major networks such as AOL even reported a modest decrease in spam volumes. Spam filter efficacy was high worldwide so much that many found themselves in agreement with Bill Gates who said �?? �??the spam problem was solved�?�. 
 
However, by end 2005, spam volumes increased 200 per cent. And this surge continues in 2007. Predictably, spam volumes will again more than double and spam throughput is expected to again triple, putting strain on global email infrastructure and causing disruptions in legitimate email delivery, predicts a security report by IronPort. 
 
Spammers are adopting techniques used by virus writers for years and that�??s the alarming bit. Spammers will develop a new strain or variant of spam and might send out a very limited trial quantity to see how effective the new strain is against spam filters. Once spammers are confident that they have created a content set that will get through most spam filters, they will launch a very large-scale attack, warns IronPort. 
 
Windows Vista�??s arrival in 2007 will only add to the frown lines. Says Vishal Dhupar, managing director, Symantec India, �??Be ready to witness an increased attacker interest and motivation in the coming year. Consumers and businesses will soon start to migrate to Windows Vista and there may be more threats that target this new operating system as adoption rates increase.�?� 
 
Security report by Symantec notes that macro-based viruses that have increased from zero outbreaks in 2005 to 15 outbreaks in 2006, are to be watched carefully in 2007 Macro-based viruses are viruses that reside inside Microsoft files such as Word and Excel files. 
 
These viruses can be very potent, since many email administrators rely on attachment file type filtering to limit exposure to new outbreaks. Furthermore, Word and Excel files are much more familiar to end users, resulting in higher open and infection rates than more esoteric attachment file types. 
 
Parasitic malware will make a comeback, says McAfee. �??Even through parasitic malware accounts for less than 10 per cent of all malware (90 per cent of malware is static), it seems to be making a come back. Parasitic infectors are viruses that modify existing files on a disk, injecting code into the file where it resides. When the user runs the infected file, the virus runs too.�?� 
 
Popular polymorphic parasitic file infectors identified in 2006 had stealth capabilities and could download Trojans from compromised ites. 

Security firm Sophos is reminding users of the threat posed by image spam following a new campaign, which claims to offer a cut-price edition of Microsoft Windows Vista.

Image spam, which uses a graphic embedded in an email rather than regular text, has grown in popularity amongst spammers attempting to communicate their marketing messages to Internet users. Often image spam is used for promoting stock pump-and-dump scams or drugs to help with weight loss and sexual performance. In the latest widespread campaign seen by Sophos experts, image spammers are offering a bargain edition of Microsoft’s new operating system, Windows Vista.

The spam email claims that the recipient can save $319.05 by downloading Windows Vista today.

It is not clear whether acting upon the spam would furnish the computer user with a pirated edition of Windows Vista or simply steal their credit card details.

“This widespread spam campaign carries all the hallmarks of a typical image spam. The spammer has added random noise in the form of speckled pixels to make the graphic slightly different on each sending, and users are told to type in the name of the website rather than clicking on a link,” said Graham Cluley, senior technology consultant for Sophos. “Approximately 30% of all spam is now using images to try and sneak past anti-spam filters. Computer users need to ensure that they have strong defenses in place or they will continue to be bombarded by nuisances like this.”

“The growth of image spam is one of the security stories of the year. Internet users should make it their New Year’s resolution to make 2007 the time they got wise to internet threats,” continued Cluley. “It’s worrying just how poorly educated people are about web and email threats. System administrators and security geeks know about informative websites like GetSafeOnline but the average man in the street hasn’t got a clue.”

Messages shilling cut-rate copies of Windows Vista are using the latest image tactics to slip through spam filters, the Sophos security company warned Tuesday.

The junk mail touts Windows Vista Ultimate for sale at a $319 discount, said Sophos, which also noted that the campaign relies on several current spammer techniques to trick defenses, including random background pixilation, hiding the bulk of the message in an image, and requiring the user to manually type in the URL rather than embed an easily-found link.

“This carries all the hallmarks of a typical image spam,” said Graham Cluley, a Sophos senior technology consultant, in a statement. “Approximately 30% of all spam is now using images to try and sneak past anti-spam filters. Computer users need to ensure that they have strong defenses in place or they will continue to be bombarded by nuisances like this.”

Sophos wasn’t sure whether the deal was semi-legitimate — that a copy of Windows would actually be shipped to the user — or if the spammer was actually a phisher harvesting credit card numbers. If the former, the copy would almost certainly be counterfeit, since Microsoft has yet to release Vista to any but volume license customers.

In fact, Microsoft last week warned users of that very thing as it updated Vista to block pirates who had cobbled together a bogus operating system from Vista previews and the final code. “Users can be confident that 100% of the copies of Windows Vista advertised for purchase or download prior to the January 30, 2007 consumer general availability date are counterfeit,” Microsoft said in a statement Thursday, Dec. 14.

“The growth of image spam is one of the security stories of the year. Internet users should make it their New Year’s resolution to make 2007 the time they got wise to Internet threats,” Sophos’ Cluley continued. “The average man in the street hasn’t got a clue.”

Japanese software maker Trend Micro Inc. has developed technology to help thwart a form of spam that’s tough to crack �?? e-mail sent in the form of scanned images, a senior executive said on Friday.

Spam filters are generally efficient in scanning ordinary text messages as computers can search quickly for specific words or word patterns, which serve as red flags in identifying junk mail.

But spammers have learned to get around those programs by using imaging software to essentially make copies of text messages and turn them into graphic images that cannot be scanned using conventional methods.

About 40 percent of all spam messages are image-based, compared with about 10 percent a year ago, according to McAfee Inc., another software company that specializes in Internet security.

Trend Micro plans to introduce software in the first quarter of 2007 next year to allow companies to scan image-based spam without requiring huge amounts of processing power that can slow down email traffic.

“We believe it addresses most types of image spam that we’re seeing in the world today,” Trend Micro Director of Product Development Paul Moriarty said in an interview.

The company filed a U.S. patent application related to the technology in the middle of November, Moriarty said.

Analysts said that to detect graphic-based spam, companies currently need to use optical character recognition programs to convert those images back into text for scanning.

That process can be time-consuming and tax the resources of corporate computer networks, said Andrew Jaquith, a computer security analyst with technology researcher Yankee Group.

“It’s very processor-intensive. It’s not an easy thing. You’ve got to crack the image open. You’ve got to look at a lot of bytes,” Jaquith said.

Trend Micro declined to say how its new software will handle that technology challenge.

Spam cull keeps m8 telecom on the line Being inundated with spam e-mail is annoying enough, but it can be downright problematic when it’s affecting productivity and diverting staff attention that should be directed at customer care. For virtual mobile operator m8 telecom, the problem became so bad recently that it realised a revisitation of its existing mail protection infrastructure was in order.

The two-year-old company, which provides a range of mobile phone services to around 100,000 customers through a chain of some 180 dealers nationwide, had been using antivirus and antispam products since its inception.

With increasingly sophisticated spam and phishing attacks becoming the norm and volumes increasing steadily, the company’s IT staff realised they were spent far too much time fixing the systems of its 48 users. Analysis of the company’s existing mail security solution — the combination of Microsoft Exchange’s built-in anti-spam filter and GFI MailEssentials — showed that despite the use of those applications, 48 percent of m8’s incoming e-mail was bad mail, including 13 percent that was spam.

“Spam just gets worse as everyone sending it gets smarter,” says IT manager Armin Ghazarian. “It was slipping through our filters, and it was just getting to everybody.”

The solution, as Ghazarian found after surveying a market inundated with anti-spam options, lay in a dual-pronged attack that saw the company decommission the MailEssentials server and replace it with Trend Micro’s Client Server Messaging Security for SMB application, which runs on desktops and servers, and uses a variety of techniques to increase detection of zero-day spam.

Improvement in detection rates reaped immediate benefits for the company. “Basically, after the first week, everyone was saying that the spam’s gone,” says Ghazarian. “It has been saving me time because I don’t have to clean up after someone has been phished, or after they downloaded a virus when an e-mail came through.”

He wasn’t done yet, however: recognising the higher detection rate provided by the Trend Micro technology, Ghazarian sought an additional improvement in its anti-spam defences by introducing Trend Micro’s Email Security Services (ESS), a hosted antispam solution that would keep spam away from the company’s network.

For m8 telecom, choosing a hosted anti-spam solution made sense compared with alternative, more expensive appliance-based solutions that relied on adding yet another piece of equipment to the company network.

Configuring the hosted solution proved to be relatively simple: m8 telecom instructed its ISP to redirect incoming mail to the ESS servers, with cleared mail going to the company’s Exchange server. Blocked spam is redirected to a separate account for review and, after two days, disposal. Real-time spam blocking statistics are available through a secure Web-based portal, allowing Ghazarian to track ESS performance over time.

So far, however, the lack of even one false positive has made the new environment a hands-off endeavour for Ghazarian, with the near total elimination of spam boosting productivity throughout the company. “It’s saving us all time, and doesn’t tie up our servers as much,” he says. “The whole thing has been very easy to do.”

GLENDALE, Calif., Dec. 14 /PRNewswire/ — Panda Software has announced the compatibility of its product line with the new Microsoft Windows Vista operating system. It has launched the “Windows Vista Information Center” where users will find information about the compatibility of Panda Software products with the new operating system.

New users will be able to download beta versions and final versions of Panda Software products that support Windows Vista. Existing users of Panda Software’s 2007 consumer line will automatically get the new versions compatible with Windows Vista for free as soon as the final release versions are available.

Currently, users can download Windows Vista-compatible beta versions of Panda Antivirus 2007, the fast and light antivirus for home users, and Panda ClientShield, Panda Software’s solution for protecting corporate workstations.

Panda Antivirus 2007 is the lightest antivirus in Panda Software’s consumer product line. This new easy-to-use solution offers complete protection against known and unknown Internet threats, with a minimal use of system resources. The new Panda Antivirus 2007 is aimed at home-users whose use of the Internet does not require a complete security suite. It has been designed to install and forget, protecting the system automatically from the moment it is installed.

Panda ClientShield with TruPrevent(TM) Technologies is a global protection solution for workstations in corporate environments. With its high- performance, low-consumption solution, it protects against viruses, worms, Trojans and all types of malware. It can also filter spam and block the use of spyware, dialers and other hacking tools. Administration is quick and simple due to the integration with the AdminSecure console, considerably reducing update time and therefore the risk of infection for corporate workstations. It also includes TruPrevent(TM) Technologies to protect workstations from unknown viruses and threats.

About Panda Software, USA

Panda Software (www.pandasoftware.com) is a world-class developer and provider of integrated security solutions designed to neutralize viruses, hackers, Trojans, spyware, phishing, spam and other pervasive Internet threats. With Panda Software’s revolutionary TruPrevent(TM) Technologies, the company’s innovative products are on the leading-edge of intelligent security solutions, ensuring clients are protected even against new threats that have yet to be identified. PandaLabs, the most rapid response laboratory in the industry, delivers comprehensive updates to users, providing a worldwide response to malware 24 hours a day, 7 days a week, all year round.

For further information, please visit www.pandasoftware.com.