Fresh Off The Block


Jul 22, 2011

Google starts warning users of malware infection

A recent post on the Official Google Blog, cross-posted on the Google Online Security Blog, will certainly please security researchers and anti-virus developers, as well as raise eyebrows for a lot of other people – Google has begun to warn users of its search engine when it believes they may be infected with a particular strain of malware.

Reportedly, it all started when Google performed routine maintenance on one of its data centres and took a look at the search traffic that data centre was handling. Google discovered that some of the traffic looked highly unusual, and brought it up with security engineers at several of the companies that were sending this modified traffic. Together, they determined that the computers exhibiting this behavior were infected "with a particular strain of malicious software".

In a move to keep the users of Google services safe and prevent data theft – which would be a nightmare for everybody – Google has taken the unexpected step of warning its users when it detects a search request that its research indicates may mean the computer is infected with this malware. If such an infection is detected, this message will appear above their search results:

"Your computer appears to be infected"

"Your computer appears to be infected" - Google warns this user of a malware infection

It should be made clear that this is not comprehensive protection. Google only detects one particular strain of malware and provides advice on how to remove it from infected computers – it does not (and cannot) actually remove the malware itself, and other bad software may not be detected at all. According to Google, "The malware appears to have gotten onto users’ computers from one of roughly a hundred variants of fake antivirus, or “fake AV” software that has been in circulation for a while. We aren’t aware of a common name for the malware. We believe a couple million machines are affected by this malware."

Even with the limited protection it provides, Google believes this new step towards keeping users safe has already made tens of thousands of people aware of malware they would not otherwise have known about, which in turn has meant fewer lasting infections and made Google users much safer overall. That is surely something to be commended.

    Previous Articles


    Apr 05, 2011

    Symantec: Targeted computer attacks almost doubled in 2010

    Antivirus software maker Symantec said Tuesday that attacks increased some 93 percent from 2009 to 2010, with a staggering 286 million new threats reported last year alone. An increase in the number of attacks on enterprise systems was noted, as well as the use of social networks as an attack vector.

    Digiprove sealThis informative article has been Digiproved © 2011
    Acknowledgements: http://www.betanews.com/article/Syman more...
    Some Rights Reserved
    Jan 26, 2011

    Zuckerberg’s Facebook page hacked

    In what can only be described as irony on a high level, Mark Zuckerberg – owner of Facebook – had his own Facebook page hacked on Tuesday, to promote an alternative business plan for the social network site.

    Unknown pranksters defaced the page with a message suggesting that Facebook ought to allow ordinary users to invest in the site in a “social way”, rather than getting its financing from the banks. The message suggested the idea of using “micro-payments”, which is a system that allows people to make small regular payments to a service, which can add up to a substantial amount when others join in. The post, which was appended with the hacker tag #hackercup2011, gained the thumbs up (“like”) of more than 1800 people before the social network restored the boy-droid page to normal.

    It’s unclear how the hack took place, but weak password security by the team of minions maintaining the page is the most likely explanation – and suggestions that this may have been the case have caused mass ridicule and laughter all across the internet. Screenshots of the Zuckerberg hack can be found in a blog post by net security firm Sophos here.

    The incident follows a similar hack on the profile of French President Nicolas Sarkozy earlier this week. A badly worded update posted by miscreants falsely suggested Mr Carla Bruni would not seek re-election next year.

    Jan 01, 2011

    New virus threatens Android devices

    A new virus, apparently originating from China, has recently been discovered in the wild, and can allow a hacker to gain access to personal data and force the details to be saved to remote servers. But this virus doesn’t affect Windows, Mac OS, or any similar operating system. Instead, this is a virus that targets Google Android platforms!

    A report this week from Lookout Mobile Security said the new Trojan affecting Android devices has been dubbed “Geinimi” and “can compromise a significant amount of personal data on a user’s phone and send it to remote servers.” The firm Read the rest of this entry »

    Dec 31, 2010

    Hackers expected to focus on Google and Apple in 2011

    As it assesses the forthcoming threat vectors for 2011, IT security giant McAfee is predicting that Internet TV platforms, in particular Google TV and Apple TV, will be high among the list of targets for emerging threats in 2011. In fact, McAfee say that its list comprises 2010’s most talked about platforms and services, including not just Apple TV and Google TV but also Google’s Android, Apple’s iPhone, foursquare, and the Mac OS X platform. These are all expected to become major targets for cybercriminals as they get more popular.

    Focusing on potential privacy leaks from TVs, McAfee says that new Internet TV platforms were among some of the most highly-anticipated devices in 2010. Due to the growing popularity among users and “rush to market” thinking by developers, McAfee expects an increasing number of suspicious and malicious apps for the most widely deployed media platforms, such as Google TV. McAfee believes that these apps will likely target or expose privacy and identity data, and will allow cybercriminals to manipulate a variety of physical devices through compromised or controlled apps, eventually raising the effectiveness of botnets. With Internet-enabled TVs getting close to matching smartphones or low-powered computers in their technical abilities, it’s only a matter of time before they are exploited in some way, and many of the possible vulnerabilities of connected TV and IPTV services have only just begun to emerge. It is likely we’ll learn more about the risks as time progresses.

    Dec 20, 2010

    Google Search results now include security alerts to warn of suspected hacked websites

    Google has started putting security information in its search results to warn both users and web-masters when it appears a website might have been hacked. The firm added the notification to its search results at the end of last week, and said that it is looking to help people avoid compromised sites. This, it added, could be the result of a hack by a third-party for the purposes of spamming visitors.

    Google is alerting users by adding a line under the search result that says, “This site may be compromised.” Clicking that link will take them to information about what that might mean. Clicking the link as normal will take the user through to the website, infected or otherwise.

    “When a user visits a site, we want her to be confident the information on that site comes from the original publisher,” wrote Gideon Wald, associate product manager at Google. Wald explained that Google is using automated tools to produce its information about hacked sites, and added that as well as updating its own search results it will also inform the web-master in question, or at least try to.

    Web-masters who are worried about being tarred by Google’s insecurity analysis can take some consolation that Google will remove the tag from their results once the problem is fixed, and within no more than a couple of days. Wald added, in response to said website owners: “Together, we can make the web a safer place.”

    Dec 20, 2010

    Google deletes UK Street View Wi-Fi data for good

    The UK Information Commissioner’s Office (ICO) has just confirmed that, in a process that was actually completed last month, Google UK has deleted all Wi-Fi data collected by the Internet giant’s Street View cars, which included bits and pieces of e-mails, URLs and passwords. There are still legal wrangles for Google to get through, so they aren’t out of the woods just yet, but at least this should help to cushion the blow for the company. It’s also good news for those who are paranoid about their privacy – for these people, this announcement comes as a welcome Christmas present, as now you can sleep soundly knowing Google knows nothing about any emails or personal data you may have sent over unencrypted networks all those months ago.

    Dec 16, 2010

    Microsoft Security Essentials updated to v2 – with tons of new stuff!

    Microsoft Security Essentials is a product created by Microsoft themselves, to help address the ever-growing malware issue on Windows computers. While it is commonly thought to be a terrific effort by Microsoft and the product tends to get very favourable reviews, I myself have found myself in the minority of people who feel the product was not really up to scratch. My main reasoning for this is because MSE felt like an unfinished and unpolished software in my viewpoint – the scans were slow, and it offered very little in terms of features other than a malware scan, and analysis of programs in your Startup. I also personally felt a tiny niggle in that the program seemed just a bit too basic when compared to other Anti-Malware solutions. In effect, it felt almost too much like a beta product, and the fact it was "v1" didn't help this viewpoint.

    It seems Microsoft have listened to my critiques, as now, Microsoft has released v2 of MSE, adding a few features and making improvements. Strangely, Microsoft seems to be keeping fairly quiet about the update – I cannot even find an official announcement nor an official changelog for the release. However, the Help file of MSE v2 lists the following changes made in v2:

    This version of Microsoft® Security Essentials includes the following new features and enhancements to better help protect your computer from threats:

    • Windows Firewall integration. Security Essentials setup enables you to turn on or off Windows Firewall.
    • Network Inspection System. This feature enhances real-time protection by inspecting network traffic to help proactively block exploitation of known network-based vulnerabilities.
    • New and improved protection engine. The updated engine offers enhanced detection and cleanup capabilities with better performance.

    These features are described in more detail in the following sections.

    • Windows Firewall integration
      • Windows Firewall can help prevent attackers or malicious software from gaining access to your computer through the Internet or a network. Now when you install Security Essentials, the installation wizard verifies that Windows Firewall is turned on. If you have intentionally turned off Windows Firewall, you can avoid turning it on by clearing a check box. You can change your Windows Firewall settings at any time via the System and Security settings in Control Panel.
    • Network Inspection System
      • Attackers are increasingly carrying out network-based attacks against exposed vulnerabilities before software vendors can develop and distribute security updates. Studies of vulnerabilities show that it can take a month or longer from the time of an initial attack report before a suitable security update is developed, tested, and released. This gap in protection leaves many computers vulnerable to attacks and exploitation for a substantial period of time. Network Inspection System works with real-time protection to better protect you against network-based attacks by greatly reducing the time span between vulnerability disclosures and update deployment from weeks to a few hours.
    • Award-winning protection engine
      • Under the hood of Security Essentials is its award-winning protection engine that is updated regularly. The engine is backed by a team of antimalware researchers from the Microsoft Malware Protection Center, providing responses to the latest malware threats 24 hours a day.

    The new MSE v2 also seems to include some sort of "behaviour monitor". This is not mentioned in the help file, but appears in the program's Settings tab, with the explanation, "Tick to check for certain patterns of suspicious activity".

    Even more unusually, it seems like at this time there is no update of MSE available from MSE itself or Windows Update; you need to download v2 manually.

    I am yet to fully test out MSE v2, but from an initial viewpoint, it definitely isn't an unfinished product any more. In fact, it certainly seems to have become a much more comprehensive and professional-looking tool, which even feels like it could hold its own against some other commercial anti-malware solutions. The new version supports Windows XP, Vista and 7 in both 32- and 64-bit builds; and takes 7.5-9.5 MB of space to download depending on the build. You can download MSE v2 from the following links:

    Microsoft Security Essentials homepage

    [Direct download – 32-bit] [Direct download – 64-bit]
    Dec 10, 2010

    Free WashAndGo 2009!

    Updated: In a previous edition of this post, I forgot to include the features list for WashAndGo 2009, and also some images were broken. This has now been corrected – sorry!

    Secure file erasing tools are seemingly ten-a-penny these days, and over my time in Technically Motivated I’ve covered two such tools already – Heidi’s Eraser, which is freeware and my personal favourite, and the commercial O&O SafeErase, which is a very competent and comprehensive erasing tool. If you still aren’t clued up on what Secure Erasers are or why you may need them, check out my post on why deleting a file often isn’t enough.

    WashAndGo 2009 is another commercial secure file erasing tool, but one that provides more than just file/folder secure deletion capabilities; WashAndGo 2009 allows users to clean temporary files, clean browser data, clean application data, etc. Interestingly enough, it even has a file unlocker and program uninstaller.

    Nov 29, 2010

    Free O&O SafeErase 4!

    If you’re a long-time visitor to Technically Motivated, you may remember that one of the first posts I made on the blog was a discussion about what “deleting” a file on a computer actually does, in which I made clear that the only real way to get rid of files permanently was through use of a Secure Erasing tool. If you’re a slightly less long-time visitor, you may remember my review of Eraser, which is one such tool that is available for free on the net, and one of my personal favourites. But there are other tools available out there as well, and I think it’s time to discuss another.
