InfoSec News

Avast Free Antivirus 5 took the top spot in our late 2010 roundup of free antivirus software. It provides good, all-around malware detection in a speedy, well-designed package. We liked its easy installation process, smooth interface design, and minimal impact on system performance. However, although it wins out overall, its malware detection, while good, isn't the best we've seen.
BitDefender Antivirus Pro 2011 ($40 for a one-year, three-PC license as of 11/23/2010) ranks second in our roundup of 2011 paid antivirus software. In our tests, it did a good job at detecting malware, and was the top performer at removing infections from a PC, which pushed it up the leaderboard, but it had some trouble blocking live malware attacks, preventing it from climbing any higher.
Comodo Internet Security Premium came in fifth in our late 2010 roundup of free antivirus products. Although it was last among the products we tested, it did a very good job at blocking brand-new malware. Its detection of known malware lagged behind top performers, though, and it tied for the most false positives.
When we looked at the beta of Microsoft Security Essentials in 2009, we were impressed with its clean, easy-to-use interface, but less so with its sluggish scan speed. This still holds true for Microsoft Security Essentials 1.0; also, it hasn't kept pace with newer antivirus products when it comes to detecting malware.
Depending on whom you ask, paying for antivirus software is either a good investment or a total ripoff. In reality, neither viewpoint is accurate. You can find plenty of good reasons to choose a paid antivirus product, and plenty of good reasons to go with a freebie.
G-Data AntiVirus 2011 ($30 for a single-PC, one-year license as of 11/23/2010) placed fourth--albeit a close fourth--in our roundup of 2011 antivirus products. G-Data continues its recent trend of strong malware detection, blocking, and removal in 2011, and couples it with a good interface.
Panda Cloud Antivirus is a unique entry in the free antivirus race. Most free antivirus products still rely on signature updates to detect new malware, but Panda's program instead uses fresh data about malware direct from Panda's servers. As a result, Cloud Antivirus put up some excellent results in some malware detection tests, but its scan speeds were slower than we would have liked to see.
Norton Antivirus has been a strong performer in recent years, and this year is no exception. Norton Antivirus 2011 ($40 for a one-year, single-PC license as of 11/23/2010) comes in first in our roundup of 2011 paid antivirus products. It does a very good job at detecting and removing malware, and it has a smooth interface.
Avira AntiVir Personal ranked second in our late 2010 roundup of free antivirus products. AntiVir has strength where it counts most: It did a great job at detecting and blocking malware. That said, its interface needs some improvement.
Kaspersky Anti-Virus 2011 takes fifth place in our roundup of 2011 antivirus software, closely trailing fourth-place finisher G-Data AntiVirus 2011. It did a great job at stopping brand new malware attacks, and a reasonable--though not top-notch--job at detecting known malware, and it sports a well-designed interface. On the downside, its impact on PC performance was worse than average.
Seagate Technology has closed off talks on a potential private-equity buyout while saying the hard-disk-drive market has improved.
A&G insurance is probably best known for its Budget Direct insurance brand. IT director, Paul Malt, talks to CIO.
Comcast has demanded that broadband backbone provider Level 3 Communications pay it a recurring fee for delivering video traffic to Comcast customers, Level 3 said Monday.

Exempting Infosec from Civil Service
... in which all employees aren't protected by civil service, and state CSO Elayne Starkey says that approach attracts high-caliber infosec professionals. ...

Three developers have released software that allows Windows Phone 7 users to "sideload" applications onto their phones, giving access to applications that have not been approved by Microsoft.
Security data. Everybody needs it. Lots of companies and organizations are producing it. Here's where to find it.
Gartner says that server shipment and revenue grew during the third quarter this year.
PHP Versions Prior to 5.3.3/5.2.14 Multiple Vulnerabilities
OpenSSL 'ssl3_get_key_exchange()' Use-After-Free Memory Corruption Vulnerability
At Microsoft, HP and IBM, investment in research and development is a reflection of corporate culture. This three-part story examines the different approaches taken by each of these influential tech companies. HP prides itself on its pragmatism, Microsoft holds the flag of basic research aloft and IBM continues to file more patent applications each year than any other tech company.
After several denial-of-service attacks hit it over the weekend, WikiLeaks is now being hosted by Amazon servers in the U.S. and Ireland, according to IP traces conducted today.
Iran has reportedly confirmed that the Stuxnet worm hit centrifuges used to refine uranium in the country.
Clearwire began offering commercial WiMax service in South Florida on Monday, the first time it has launched in a new market without opening retail stores or buying local advertising.
A few years back, I predicted that a cable company would supply the lion's share of WAN services to a Fortune 100 company within the year. Still hasn't happened, but there are increasing signs that 2011 could be the start of cable as a serious contender in the enterprise arena.
FoxMediaTools FoxPlayer '.m3u' File Buffer Overflow Vulnerability
The U.S. Supreme Court on Monday agreed to hear Microsoft's appeal of a $290 million patent infringement judgment that forced the company to revamp its popular Word software earlier this year.
Gartner has cut its projections for PC sales growth this year, citing increased competition from tablet computers and smartphones as well as a struggling economy.
[ MDVSA-2010:243 ] libxml2
Just in case you missed this on Friday, Sun have released details of three vulnerabilities with Solaris components:

PERL 5.8 - Safe Perl Modules - Covers CVE-2010-1168
Apache - Apache Portable Runtime utility library - Covers CVE-2010-1623
BZIP2 - Integer Overflow vulnerability - Covers CVE-2010-0405

All patches available via sunsolve.
Steve Hall
ISC Handler (c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.
Across at our sister site, the SANS Security Institute, the Application Security Street Fighter Blog brings us proof that what you see isn't what you get. Or at least with the latest in phishing techniques on a mobile platform.
With many financials pushing to have their customers able to access their accounts via mobile devices, they should be aware of this technique for spoofing site identification. The threat? The URI bar at the top of the browser page. Fair game, it would appear.
Steve Hall
Microsoft has started letting developers build and release applications for Windows Phone 7 using Visual Basic, potentially opening the door to more applications on the new smartphone platform.
Identity thieves can hide URLs on the iPhone's limited screen real estate, tricking users into thinking they're at a legitimate site, a security researcher said today.
The White House has ordered all federal agencies to review systems for protecting sensitive data due to the latest release of potentially damaging classified data by WikiLeaks.
Oracle users want private clouds but most are still in early development, a user group study has found.
RETIRED: WordPress Register Plus 'wp-login.php' Multiple Cross Site Scripting Vulnerabilities
Cisco VPN Concentrator Groupname Enumeration Weakness
libxml2 'XPATH' Memory Corruption Vulnerability
Two U.S. agencies get court orders allowing them to seize the domain names of 82 Web sites allegedly violating copyright.
Wireshark Malformed SNMP V1 Packet Remote Denial of Service Vulnerability
Microsoft Windows User Access Control (UAC) Bypass Local Privilege Escalation Vulnerability
Microsoft Office Communications Server (OCS) 2007 R2, which was released in early 2009, does a credible job of providing presence awareness, instant messaging, conferencing and voice capabilities. Still, these services aren't always integrated, and thus aren't easily managed by IT staff. For end users, the lack of integration means maintaining various sets of contacts and working differently depending on the application.
NB asked me about precautions for banking online.
n.runs-SA-2010.003 - Hewlett Packard LaserJet MFP devices - Directory Traversal in PJL interface
Microsoft is working on a display technology that shifts under the user's touch.
The key is to think about what the business needs from you.
Our manager ends his first year at his new company ahead of the strategic plan, but challenges always await.
Windows Explorer (not to be confused with Internet Explorer, the Web browser) is Microsoft's built-in file and folder manager. It's a useful tool, but confusing in places and not very intuitive for novice users. (Heck, even finding it isn't always obvious.)
[ MDVSA-2010:242 ] wireshark
[SECURITY] [DSA-2127-1] New wireshark packages fix denial of service
SQL injection and Path Disclosure Auth Bypass in 4images 1.7.X
Vulnerabilities in Joomla
Let's say you're off to a lecture at college, or a meeting at work. You'll need to take notes, but you've got a busy day, and you'll be running around a lot. You could take your laptop, though its weight may drag you down, or you could save your back some strain and bring your iPad instead. (The heaviest iPad weighs only 1.6 pounds compared to the lightest laptop ever, the 2.3-pound MacBook Air.)
A satellite that promises to bring broadband Internet to several areas of Europe was successfully launched late Friday.
Perl Safe Module 'reval()' and 'rdo()' Restriction-Bypass Vulnerabilities
Samsung's Continuum smartphone has a great display and an informative Ticker, but its software is problematic.
HP Multiple LaserJet Printers PJL Directory Traversal Vulnerability
A newly detected drive-by attack encrypts media files and Microsoft Office documents and then demands payment to have the files decrypted.

Comcast's cable Internet service on the East Coast was hit with problems late Sunday that left many users unable to access the Internet.
Making Twitter meaningful on a personal level to its users is the biggest challenge facing the microblogging service in the future, according to former CEO and co-founder Evan Williams.
Linux Kernel 'hdsp.c' IOCTL Local Information Disclosure Vulnerability
Linux Kernel 'hmid_ds structure' Local Information Disclosure Vulnerability
Linux Kernel 'inet_diag.c' Netlink Message Denial of Service Vulnerability
Asustek Computer on Monday unveiled the Eee Note EA-800, an e-reader with a stylus for taking notes on its 8-inch touchscreen. The device will be available in Taiwan later this week for the suggested retail price of NT$6,999 (US$228), Asustek executives said.
U.S. online shoppers spent $648 million, 9% more than last year, on Black Friday, the official kickoff to the lucrative holiday shopping season, online researcher comScore reports.
Linux Kernel CAN Protocol Information Disclosure Vulnerability
Linux Kernel Multiple 'net/' Subsystems Local Information Disclosure Vulnerabilities
Linux Kernel Heap Buffer Overflow Vulnerability
Better data security doesn't have to be complicated or expensive. Try these four fundamental improvements for preventing corporate data breaches.
Hanso Player '.m3u' File Remote Buffer Overflow Vulnerability
Wireshark LDSS Dissector Buffer Overflow Vulnerability
Ots Labs OtsTurntables OFL File Buffer Overflow Vulnerability
CA Internet Security Suite 2010 'KmxSbx.sys' Local Privilege Escalation Vulnerability
