Software News Daily » security and protection

Trend Micro 3 for 2

Kyle — Mon, 08 Aug 2011 22:14:54 +0000

Update: This promotion has ended on 9/30/2011. Sign up for our email notifications to stay current on up-to-date software news, reviews and promotions.

For more than 20 years, Trend Micro has been a worldwide leader in web, messaging and endpoint security software with such amazing software titles as Endpoint Protection, Business Security and Control Manager.

In response to overwhelmingly popular demand, Trend Micro has announced that they are reviving the wildly popular “3 for 2″ program. Until September 30th, 2011, customers purchasing new, 2-year licenses of Trend Micro Enterprise Security for Endpoints or Trend Micro Worry-Free Business Security will receive an additional year at no extra charge.

Enterprise Security for Endpoints is a combination of anti-malware and in-cloud protection software that safeguards your PCs, notebooks, tablets, smartphones and laptops from external threats. The new File Reputation in OfficeScan shifts the burden of pattern file management into the cloud, freeing up your resources, and Web Reputation ensures the security of your endpoints by denying access to known malicious sites.

Worry-Free Business Security is an anti-malware and anti-spam software that provides businesses with a more effective, more intelligent, and more easy-to-use to safeguard their assets from internet threats. Worry-Free Business security defends against viruses, spyware, spam and other threats before they reach your business, and continuously updates your protection in order to more quickly detect and block threats.

To learn more, call our certified licensing experts at 1-800-474-1045 Ext. 3 or email our sales team at sales@softwaremedia.com.

Microsoft Announces “BlueHat Prize” for Exploit Patches

Justin — Thu, 04 Aug 2011 20:02:11 +0000

IT professionals from all over the world converge for the annual Black Hat Technical Security Conference held in Las Vegas every year. This year it is being held at Caesars Palace. Along with great training sessions and briefings featuring the industry’s top security experts, individuals show off their skills and tools to help other members in the community. Additionally, companies will make special announcements. Yesterday, Microsoft announced the BlueHat Prize.

The BlueHat Prize is a $250,000 contest designed to eradicate entire classes of exploits. Some companies, like Google, for example, will offer payments for vulnerability reports submitted by users. These “bug bounties” and as they are often times called, provide companies with much-needed extra sets of eyes to test out products as they are live to help patch security leaks in the software code. With the BlueHat Prize, Microsoft has decided to go in a different direction. They don’t want to just fix the occasional bug and exploit. They want to strike at the heart of hackers and stop entire classes of exploits.

By offering a larger lump cash reward, Microsoft hopes programmers will see this as a serious project and use their found bugs for patching and defense, as opposed to (the also lucrative) selling of bug reports to the highest hacker bidder. Hats-off (pun intended) to Microsoft with this new exploit hunt program, and good luck to all the white knights of the security industry.

Trend Micro Antivirus: Worry-Free Business Security

Kyle — Wed, 20 Apr 2011 18:10:43 +0000

Hackers and viruses and spam, oh my! In the modern digital world, internet security is an absolute necessity for any business. Unfortunately, not every business is capable of keeping an information technology department on staff to continually deal with the constant maintenance and administration that many internet security systems require. The Trend Micro antivirus and internet security program, Worry-Free Business Security, is an anti-virus and anti-spam solution that prides itself on being fast, effective and simple, and is available in standard or advanced editions to custom-fit the security needs of nearly any business.

Below, we have compiled a nifty little buying guide to help you decide which version is best for your business – big or small.

Worry-Free Business Security Standard is a cloud-based, on-premise hosted security solution, designed for use by small businesses with little or no IT resources. Insanely simple to install and operate, it runs scans quickly and quietly, controls access to USB devices, secures wi-fi connections and URL filters block access to inappropriate web locations.

Worry-Free Business Security Advanced is equipped with all of the ease, speed and iron-clad protection of the standard version, plus new, improved and expanded features for an even stronger defense of your machines, servers and data. In addition to improved internet protection and data-loss prevention, the advanced edition has been designed to also support Macintosh clients and servers.

Some of the features found in Worry-Free Business Security Standard

Web threat protection stops viruses and threats before they can affect your system
Smart Scan – faster scanning, quicker updates and minimal performance drop
Smart Feedback – faster identification and response to threats
Supports PCs, Laptops, Windows Servers, VMware and Microsoft virtualization
Defends against viruses, spyware, bots and rootkits
URL filters block access to unwanted websites
Intuitive web console
On-site management server
USB Device access control
Scans and blocks spam

Some of the features in Worry-Free Business Security Advanced

Support for Macintosh computers and servers
Data loss prevention via email messages
Hosted email security inbound filtering
Integrated threat protection
Mult-layer antispam for Microsoft Exchange Servers

These programs and other great deals on software are available at SoftwareMedia.com

Or check out our other great software guides.

What is Endpoint Protection?

Kyle — Wed, 13 Apr 2011 12:30:23 +0000

In this mad world of hackers, cybercriminals and rampant malware, no one -from individuals to businesses- can afford to be unprotected. There are countless protection solutions available, and often it can be difficult to decide on the best internet security for specific needs. For many end-users, firewalls and antivirus programs are ideal, but for those businesses that rely on central servers with many devices connecting at once, endpoint protection is the most likely -and one of the most effective- security solutions available.

Many people are unclear as to what, exactly, endpoint protection entails. Essentially, endpoint protection is security software that is installed on endpoints (individual user devices such as PCs, laptops and handhelds) and centrally managed by the server to which each endpoint connects. The central server/gateway will host the central security program which verifies logins and downloads updates and patches as needed.

Some of the more advanced endpoint protection systems will use network access controls to grant authorizations and limit methods of access to certain devices. When attempting to connect to the network, the central system will determine authorization and ensure that connecting devices are in compliance with access regulations; often this means that devices with unauthorized software such as games and file-sharing programs will be disallowed.

There is a multitude of internet security solutions available on the market today, and choosing the best endpoint protection is often difficult. An excellent product to check out would be Symantec Endpoint Protection 11. Symantec has been a giant in the internet security business since its founding in 1982, and its products and security solutions continue to impress. Combining the benefits of Symantec Antivirus with powerful threat-prevention software, Symantec Endpoint Protection 11 is a powerful security solution for networks of virtually any size.

Hacktivists – Who Are They and How Do We Defend Against Them?

Kyle — Tue, 05 Apr 2011 12:00:21 +0000

Almost anyone who ever has used a computer -or seen the movie “The Net”- knows what a hacker is, and what it is they generally do. Most people, however, are unaware that not all hackers are malicious digi-ninjas stalking the shadows of cyberspace, ready to infiltrate and steal individuals’ personal information. There exist a great many people who use their prodigious computer skills for what they see as cyber civil-disobedience and righteous sociopolitical reform. These people are known as “Hacktivists.”

Hacktivism -a lovely little portmanteau of hacker and activism- is defined as the practice of promoting a political or social agenda by hacking, especially by defacing or disabling websites.

In one of the more well-known recent instances of cyber-protesting, “Anonymous,” a loose confederation of hackers with ties to the infamous 4chan message boards, launched Denial of Service (DoS) attacks against business giants such as MasterCard and PayPal in retaliation for their perceived betrayal of the popular freedom of information site, WikiLeaks. The attacks were successful in rendering the entire MasterCard website inaccessible for several hours, while disabling only some of the PayPal pages. Read the full news article here.

While DoS attacks are a tangible threat, they are not the only weapon in the hacker arsenal. One of the most prolific causes behind which hacktivists rally is the belief in the fundamental right to freedom of information; battling against censorship and often advocating software piracy. In this modern, digital age, information is one of the most valuable (and most often stolen) commodities around, and hacktivists who seek to use data-mining software to disseminate sensitive or classified information to the public are a significant risk to businesses and organizations.

One of the best ways that a company or organization may protect against hackers and unauthorized access of its sensitive data is through the use of encryption. Internet security programs like Symantec PGP use a combination of hashing, data compression and cryptography to provide encryption, decryption and authentication for data access and communications, making nearly impossible for unauthorized users to access digital information.

While Symantec is a spectacular tool for corporate customers, it might prove unnecessarily complex for smaller businesses or individual home-users who want to protect themselves, but don’t necessarily need all of the advanced features. For smaller-scale consumers who desire exceptional protection from hackers and the like, one option could be the up-and-coming contender in the internet security ring: Bullguard Internet Security.

No matter your personal politics, or whether you believe that hacktivists are digital-age freedom fighters or vengeful cyber-terrorists, one thing that is certain is that hackers in general are a threat to personal and financial security which cannot be ignored. The best way to protect yourself and your personal information is to ensure that -just like your home or business- the doors to your computers and networks are locked tightly, and the only ones who can open them are those to whom you give the key.

Symantec and Bullguard, along with tons of other great deals on discount software, can be found on Softwaremedia.com. Head on over and check it out!

Child Protection Online: How-To Guide

Justin — Tue, 08 Mar 2011 21:42:30 +0000

The Internet is a wondrous tool which provides users with methods of communication and information gathering the world never dreamed possible. However, with such an open digital world, there are those who will use it in dark and sinister ways. As parents, child protection online is a very real issue dealt with on a daily basis. It is quite frightening to know there are people out there with the sole intent to find children and exploit them. What’s a parent to do? Luckily there are many resources available to parents to provide family internet protection on their home computers. The FBI put out a guide: A Parent’s Guide to Internet Safety. Reading it made me worry for my kids—and I don’t even have any yet! However, it did provide some good, common sense advice and tips on what to do in these situations. Many of the same tips you’ll find below.

The first step in protecting your children on the internet is to be pro-active. Monitoring children’s internet use, talking to them about potential online dangers, and establishing firm rules on computer usage make up the best foundation in child internet safety. However, we all know it isn’t possible to be watching over your son’s or daughter’s shoulder every second; that’s where parental control software steps in. Think of it as an extra set of eyes for you and a security guard for your child. Designed to help you monitor internet activity and also provide a barrier between the child and threatening individuals, these programs give much needed ease-of-mind. Internetsafety.com has created Safe Eyes to be a leader in said software. Safe Eyes Parental Control Software – Two-time Editor’s Choice, PC Magazine – has won numerous customer choice awards and is trusted by families nationwide.

Bottom line: the internet can be both very beneficial and very scary. But with some active steps in teaching children, setting boundaries, and having a secondary source of protection via a program like Safe Eyes, the internet can be quite a bit less scary. If you’d like to learn more about Safe Eyes and how it can help protect your kids online, check out their website: Internetsafety.com.

PS – Internetsafety.com is offering a special for anyone who buys Safe Eyes right now: Save 20% off Safe Eyes Parental Control Software – Use promo code: safeeyes20off

Drive-By Downloads: Malware Installed Without Your Knowledge

emily — Mon, 06 Dec 2010 17:45:28 +0000

I recently attended a Symantec training event and heard the phrase “drive by download” a couple of times throughout the symposium. From what I could gather, these “drive-bys” were a new hot topic in the anti-virus world (not a reference to scenes from ‘Boyz n the Hood’). Curious, I thought I’d do a little more research on drive-by downloads (or DBD’s as I will unofficially and unaffectionately call them).

Malware started coming about commonly in 2007, and is most commonly distributed via email. Short for ‘malicious software’, it is designed to secretly access your computer without your consent to install viruses, worms, Trojan horses, spyware, adware and more. Pretty scary stuff. But in this day and age, most of us have gotten used to these email scams, and we are pretty savvy in terms of when to click and when to mark that bad boy as junk and delete it.

So hackers have had to get creative. Their new ploy? Find an area of vulnerability on a third party application within a computer and gain entry that way. This is often done by placing their code as an invisible link to their server, which will try to load the download onto the user’s system. The basic definition of a drive by download is one that happens without a person’s knowledge.

If you have been affected by a DBD, chances are you don’t even know. You are usually directed to a website and your popup blocker goes crazy and your browser slows down. It happens quickly. This short video from Symantec does a great job of defining drive by downloads in layman’s terms.

So what is the purpose of this malware? What can happen once installed? While often these programs are written as experiments or pranks, more frequently they are intended for-profit. They could be used to monitor a user’s web browsing activities, display unsolicited advertisements, or redirect you to a site that would bring in affiliate marketing revenue for the creator. The sophisticated ones could even steal your identity and use it maliciously.

And then the all important question, what can be done to prevent drive by downloads? The best thing you can do is to start with a trusted Internet Security suite like Norton Internet Security for your home or SOHO; or Symantec Endpoint Protection for your business. Once you have them installed, make sure you keep them on and install updates when they are available. In terms of removal, one website recommends hitting ctrl+F4 and shutting down your internet connection as soon as you suspect unusual activity. This will allow you to run your security software and see if anything malicious came through.

So, fellow computer users and internet browsers, always be on the alert. Today’s protection programs are constantly improving, but hackers are still there, trying to one-up them in any way possible. Have you been affected by a drive-by? We invite you to share your story in the comments section below.

“Stuxnet” – Not Your Typical Worm

Justin — Mon, 20 Sep 2010 22:59:04 +0000

Malware, Rootkit, Spam, Trojans—these are all everyday words in the computer world, much to the chagrin of businesses and users worldwide. Fortunately, dozens of companies and organizations exist solely to seek out and destroy these viruses and such before they have the chance to cause serious damage. Just as we walk around surrounded by germs and bacteria in the real world without second thought, we do the same on the virtual level when traveling through Cyberspace. However, every now-and-then comes a virus or worm which catches the world off-guard. Stuxnet could be the Swine Flu of the year. Maybe worse.

Without going into too much technical jargon (thereby avoiding the impending blackout as a result of readers’ drool shorting out their keyboards as they doze off into boring tech-speak oblivion), I’d like to talk a little about Stuxnet and why it’s creating such a buzz. Stuxnet got the attention of everyone a couple months ago when it was discovered, by Kaspersky Labs, that it found its way through a Windows security hole instead of just USB sticks as was originally thought. Stuxnet was designed to attack SCADA systems: typically used to manage complex industrial networks, for example: a power plant. Microsoft quickly patched the hole, and that was that. Or was it?

More recently, experts have learned that Stuxnet implements very stealthy techniques to keep from being detected and could, in fact, be a much larger threat than predicted. One way is it uses legit digital signatures from Realtek Semiconductor Corp. This helps it gain access from users without their knowing. In addition, Stuxnet appears to run a system check to see if it’s on a corporate or control systems network. Depending on the data received, Stuxnet will exploit specific vulnerabilities. Such knowledge of Realtek and SCADA systems suggest those responsible for Stuxnet are very well organized and sophisticated.

Although there remains a lot of mystery behind Stuxnet and what its ultimate purpose is, the good news is most of the (known) successful attacks have been aimed at Iran and other underdeveloped countries. Companies are working around the clock to patch the vulnerabilities and root out any traces of Stuxnet on infected systems. If you’d like to read more details about Stuxnet, Microsoft’s TechNet blog posted a great article entitled “The Stuxnet Sting”. In it you’ll see where the US and other countries fall in terms of Stuxnet attacks.

Adobe Flash Vulnerability

Justin — Tue, 14 Sep 2010 19:11:38 +0000

Adobe is having a rough month so far. Last week they announced hackers are exploiting a bug in their Reader PDF viewer. Now, Adobe has come out and said Flash is also vulnerable to hackers. Don’t worry though, Adobe is working hard to fix the issues and has patch updates scheduled for both products in the next couple weeks. Until then, you have to be careful and alert of any suspicious activity.

The attacks are classed as “targeted” and aimed at only Windows users; however, the bug is found in all editions of Flash—including Mac, Linux, Android, and Solaris. In addition, the vulnerability also affects Reader and Acrobat. According to the Flash Security Advisory posted on Adobe’s security bulletin, the vulnerability “could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows.” Sounds serious. Adobe did have a silver lining in their report: “Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date.” This doesn’t mean it couldn’t happen between now and the patch, but at least, for now, it’s not an issue.

There is no question that hackers are getting more creative (desperate?) in their attempts to infiltrate computer systems. The “Good Guys” work 24/7 to protect us from malicious attacks. Are you protected from viruses and malware? Maybe you’re unsure which program is right for you? Check out our selection of internet security suites and safe-guard your computer today!

Gizmodo iPhone Scoop Leads to iPhone Raid

Lansia — Tue, 27 Apr 2010 05:55:10 +0000

Everyone is excited for the new generation of iPhones. Maybe a bit too excited?

Gizmodo recently posted a huge scoop with photos and video for the next iPhone. But the police are questioning how editor Jason Chen acquired the iPhone prototype for his written review.

Last Friday night, California’s Rapid Enforcement Allied Computer Team raided Chen’s home (while he was away, but with a search warrant) and confiscated four computers and two servers. There’s a lot of information regarding the situation and questions of legality are being thrown to both sides of the action.

According to TechCrunch, Gizmodo admits to paying $5000 for the alleged iPhone 4g prototype, but “contended the device was found at a bar, not stolen.” Gizmodo also contests, “the search warrant to remove these computers was invalid under section 1524(g) of the California Penal Code.” This code, sometimes referenced in part of the Shield Laws, states “no warrant shall issue for any items described in Section 1070 of the Evidence Code.” Basically, it protects journalists from having to reveal their source(s) and includes any unpublished information. Does that apply to online blogs, such as Gizmodo? Well, the DA has currently halted the police investigation as they thoroughly mull over Gizmodo’s defense statements.

Jason Kincaid at TechCrunch asked Stephen Wagstaffe, Chief Deputy at San Mateo County District Attorney’s Office, if it was “typical for the DA to evaluate the relevance of these shield laws after removing evidence.” Yep, “Wagstaffe did concede that it was unusual.”

The Business Insider says Chen may face up to one year in prison if “convicted of a felony for receiving stolen property or aiding a thief.” SND Readers, what do you think? Was Chen in the wrong? Were the police too quick to raid?

typical for the DA to evaluate the relevance of these shield laws after removing evidence