McAfee Updates MOVE AV with Agentless Deployment

McAfee has updated its MOVE (Management for Optimized Virtual Environments) AV with an agentless deployment option. In addition, McAfee announced MOVE AV now has tighter integration with VMware vShield Endpoint environments. These two updates expand the features and capabilities of MOVE AV for protecting virtual servers and endpoints.

Companies are embracing virtualization for the flexibility, efficiency, and scalability it provides. It’s important, though, not to lose sight of the fact that virtual systems are each separate, individual systems. They still need antimalware and security protection like any other system, and the security tools in place on the physical host server will not protect the virtual systems running on it.

Virtual systems need protection too, and McAfee MOVE AV is here to deliver it.

One of the most common complaints about security software is that the agent or service running on the protected endpoint consumes system resources and impacts performance. In a virtual environment--where resources are already being shared across multiple virtual servers in the first place--this can be a more serious concern.


How to Tell if You’re Caught in the Giant Global Payments Credit Card Fraud

Fallout from the Global Payments fiasco that could affect potentially millions of credit cardholders continues. First, Visa over the weekend dropped the Atlanta-based credit card processor from its ranks as a partner "compliant" in accepted industry data security standards.

Meanwhile, Global Payments said that cardholders' names, addresses and Social Security numbers were not obtained by hackers. The company says that only what’s known as Track 2 data (relating to the magnetic strip on the back of the card) was stolen--that is, the credit card numbers and their expiration dates.

"Based on the forensic analysis to date, network monitoring and additional security measures, the company believes that this incident is contained," Global Partners added.


Surprise! More Malware Appears On Android

Another week, another announcement of new mobile malware found infecting Android phones. The new bug this week is DKFBootKit, a nasty bit of work that can come packaged inside seemingly legitimate applications--much like most of the other mobile malware we've seen thus far. What sets DKFBootKit apart from malware like DroidDream is that DKFBootKit replaces certain boot processes and can begin running even before the system is completely booted up.

The malware was discovered by the NQ Mobile Security Research Center in collaboration with cyber security expert Dr. Xuxian Jiang. The researchers found that, though the malware can be placed in pretty much any app, it is usually found in apps that ask for root permissions. Once it gains access to the root system, DKFBootKit will begin to wreak havoc on system stability and phone home to a remote server in order to gain further commands.

You can better your chances of not getting infected by only downloading apps from trusted sources: Don't download pirated apps, and stay off of foreign app stores. For more advice on how to avoid getting your smartphone infected, check out my tips for a malware-free smartphone. Make smart choices, and you should remain malware free.


Chrome 18 Arrives with Nine Security Fixes

Google on Wednesday released Chrome 18 to its Stable channel complete with several new features and fixes for nine security vulnerabilities.

Officially named version 18.0.1025.142, the new version of Google's open source browser offers improved graphics performance on both new and older hardware and closes numerous security holes, including three high-severity ones.

“Today’s web brings beautiful, rich experiences right into your browser,” wrote Vangelis Kokkevis, Google's “Chrome Graphics Olympian,” in a blog post on Wednesday announcing the new release. “With Chrome’s most recent Stable channel release, we’ve sped up graphics and drawing performance for users on capable hardware, and enabled fancier 3D content for other users on older computers.”


Patch Now: Microsoft RDP Exploit Code Is in the Wild

When Microsoft released its March 2012 Patch Tuesday security bulletins last week, security experts were unanimous that MS12-020 needed to be patched urgently. A few days later, the threat got even more real when proof-of-concept (PoC) exploit code was discovered online. Patching MS12-020 is no longer just urgent, it’s imperative.

The MS12-020 security bulletin addresses flaws in Microsoft RDP (Remote Desktop Protocol) that could be used in remote attacks. Because RDP generally doesn’t require additional network credentials, and it’s typically used by IT admins as a way to remotely manage servers, the vulnerabilities pose an even greater risk.

It is crucial that you apply the MS12-020 patch as soon as possible...or sooner.

Andrew Storms, Director of Security Operations for nCircle, stressed, “Patch this one immediately, if not sooner.”


Pinterest Is Fertile Ground for Online Scams

Pinterest has exploded onto the social networking scene as the new hot thing to use. Beware what you click on or "pin," though. The skyrocketing popularity of the site isn’t lost on cybercriminals, and the very nature of the site makes it ripe for exploitation by online scammers.

At the root of the issue is that Pinterest is built on a behavior that is generally frowned upon from a security perspective--clicking on things around the web. Users pin linked images to virtual corkboards, and followers click on the images and links to see what all the fuss is about, and perhaps re-pin it to their own Pinterest boards.

Be careful what you pin and re-pin on Pinterest--it could be a scam.

So, what happens when someone inserts an image that's already linked to a malicious script or site? According to Symantec, survey scammers have discovered the wonder of Pinterest, and have begun to take advantage of it.


Microsoft Issues Urgent Patch for 'Wormable' RDP Vulnerability

Microsoft released six new security bulletins today for the March 2012 Patch Tuesday. Six is a very reasonable number--far short of some of the overwhelming barrages typical of many 2011 Patch Tuesdays. But, one of the six is a dangerous flaw in RDP (Remote Desktop Protocol) that evokes post-traumatic stress flashbacks to the CodeRed, Nimda, and SQL Slammer days.

The other five include one Moderate and four Important security bulletins. They address issues in things like DNS, Windows kernel-mode drivers, and Visual Studio. Admins are free to follow normal patch operating procedure when it comes to assessing and deploying these fixes. But, when it comes to the one Critical update--MS12-020--security experts say you can’t patch fast enough.

Security experts are concerned that the RDP flaw could be exploited by a worm.

I spoke with Qualys CTO Wolfgang Kandek, and Director of Vulnerability Labs Amol Sawarte. Both stressed that the RDP flaws revealed in MS12-020 are very dangerous. RDP allows remote access to systems--often to servers so admins can manage them remotely--and an exploit would not even require network credentials.
