When it comes to internet security, Google, like other huge portals, are sitting targets for cyber criminals and hackers, but shortly after news of yet another hitch with their email system (thousands having ‘disappeared’), comes an announcement that the search engine giant has acquired a company called Zynamics.

German based Zynamics, an internet security company which focuses on software analytics, was founded in 2004 by Thomas Dullien, the current Chief Executive Officer.

Zynamics researches the automation of reverse engineering and code analysis. In terms of its product line up, it produces four reverse-engineering tools: BinDiff, VxClass, BinNavi and BinCrowd. These four products are used by thousands of researchers in the internet security community.

Google was tight lipped about price it paid for the company and exactly where it fits, but experts believe that it will be used to enhance the protection already used by them to protect their users.

The latest incident to hit Google concerns a number of missing Gmails, although they have since announced that the problem was not a virus, but a software bug. There’s a big difference between the two. Viruses are ‘man made’ bits of code that are developed and inserted into applications for nefarious reasons. A software bug is usually a faulty line of code (say a missing instruction) which can cause a shutdown, or a wrong action. The problem is, that many bugs are in effect holes in the wall through which barbarians can exploit and deliver viruses.

So although bugs are innocent, they are often the precursor to a cyber attack as they represent weak parts of the application’s defences.

In this case, Google have admitted that a number of emails went ‘missing’ (accounts were accidentally wiped) but, as they put it, were never lost. And because they are backed up on tape, they were replaced in a matter of days. They confirmed that just 0.02% of 170 million odd customers were affected.

Google handles such matters in their official Gmail blog and this is what it said:
"I know what some of you are thinking: how could this happen if we have multiple copies of your data, in multiple data centres? Well, in some rare instances software bugs can affect several copies of the data. That’s what happened here. But restoring data from them takes longer than transferring your requests to another data centre, which is why it’s taken us hours to get the e-mail back instead of milliseconds. Thanks for bearing with us as we fix this, and sorry again for the scare.”

Google will be hoping, when it comes to internet security, for not too many scares in the future.

Guest Article by Neil Camp 

Its been reported that a Trojan Horse attack has been mounted on Google’s Chrome browser.

The warning that the Trojan Horse attack is being perpetuated by cyber criminals intent on exploiting Google’s increasing popular Chrome browser was posted in a BitDefender blog.

The blog, called Malware City, regularly updates people on virus trends and BitDefender, like most of the computer security companies, see it as their role to alert computer users worldwide to threats and trends.

The Trojan Horse attack is based on the virus posing as a Google Chrome extension. It has been circulated by invidious hackers who now see Chrome as a very viable target. The method of the Trojan Horse attack is via an email which falsely claims that Google has launched a new Chrome extension which helps the user to better organise documents received in emails.

BitDefender discovered that the link that this spurious email contained was back to a fake page posing as a genuine Google Chrome extension page. And this page contained a download which contained an executable file contained the malware, the Trojan Horse attack.

Once downloaded, the Trojan Horse actually blocks attempts by the user to access Google and Yahoo websites, sending them instead to other websites which are loaded with other malicious files and content.

BitDefender has identified this Trojan Horse attack. It’s called Trojan.Agent.20577 and it’s one most definitely to be avoided at all costs.

How to Protect Against Trojan Horse Attacks

Don’t get careless; even if you have the best antivirus software that is always up to date Trojans can still attack. To prevent getting attacked by a Trojan horse before you download a file and open it. Ensure you are confident you know the source and the content of the file. You can protect yourself from Trojans by only downloading files from websites you are certain are 100% genuine.

Trojan attacks can also come from friends, via email or instant messenger, as many Trojan attacks are designed to spread automatically. If the email looks suspicious with spammy content then do not click on the attachment. If in doubt you can always ask the recipient if the attachment is genuine. You can also use antivirus software to scan the file.
 

Guest Article by Neil Camp

It has been announced that Virus Bulletin tests have just been completed on its largest number of anti-malware products yet.

Virus Bulletin tests were run in April 2010 on 60 products and 20 were failed, including those from Microsoft, Norman, Frisk and FortiNet whose products put up for examination failed to make the acceptable grade.

The Virus Bulletin tests threw-in a number of wobblies, including how well the products detected complex polymorphic viruses and also, some products produced false alarms on clean files. Some of these failing this test were products from major companies, with Adobe, Google, Microsoft and Sun in the firing line.

Some 40 products did pass the Virus Bulletin tests though and were awarded the VB100 certification.

The Virus Bulletin tests’ Anti-malware Test Director John Hawes said: “We put a huge range of products through their paces this month, and saw the usual problems with detection of complex viruses and false alarms on common software, with some splendid performances from some and pretty dire showings from others.

“It was pretty shocking how many crashes, freezes, hangs and errors we encountered in this test. XP has been around for a long, long time now and is still the world’s most widely used computing environment – so developers should be producing rock-solid software for it time after time. I’m sure any user who sees their system brought to a halt by their security software will vote with their feet and take their custom elsewhere.”

The Virus Bulletin tests have been going for about ten years and a detailed breakdown of the results are available to subscribers of the service. Virus Bulletin take various computer security products and subject them to a series of stringent tests against a range of malware which are on the WildList. This list is made up of the most up-to-date malware programmes known to be worrying the world’s computers. The Virus Bulletin tests involve making sure that the products under review have to be able to 100%  detect malware on the WildList. They also must not generate any false alarms when inspecting a clean set of files.

This process makes the Virus Bulletin tests and their VB100 Certification Scheme an important product accolade in the industry and consumer sector.

Guest Article by Neil Camp

Reports form the BBC suggest that Google’s Gmail and Microsoft’s Hotmail have been under siege from phishing attacks which have targeted thousands of service users in an industry wide scheme.

Both Google and Microsoft have moved to stem any damage. Users of Yahoo and AOL email services were also hit.

The BBC stated that they were shown two lists which contained the name and passwords of 30,000 people who use Gmail, Hotmail, Yahoo and AOL email services. And the lists were said to have been posted on the web for anyone to access.

Google told the BBC that only 500 of its customers had been named, although it said a third list was in existence, but declined to give numbers.

A Google spokesperson said:
“We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail accounts.

“As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them.”

Google appeared keen to highlight that the scheme did not actually breach Gmail security, but involved a none too uncommon scam which persuaded people to give away their personal information to cyber criminals.

A phishing scheme is one which usually involves bogus emails purporting to be from a bona fide organisation which invites recipients to send back their personal details, log-in usernames and secure passwords. And despite frequent warnings from the organisations themselves and computer security experts not to give away personal details to anyone, phishing attacks remain very successful in their simplicity and ruthlessness. Most are based on a good copy of a bona fida email and most introduce an element of bullying into their message: act now, or account will be closed down.

This particular scheme started when 10,000 Hotmail addresses were posted online at Pastebin, a website mostly used by developers to share code. But that was just the start, with a further 20,000 names being uploaded which contained e-mail addresses and passwords from Hotmail, Yahoo, AOL, Gmail and other service providers.

Although some of the details were old, or indeed fake, many were genuine.

A Microsoft spokesperson said:
“Our guidance to customers is to exercise extreme caution when opening unsolicited attachments and links from both known and unknown sources, and that they install and regularly update their anti-virus software.”

A person from Yahoo reiterated the rest, urging its customers to “…
take measures to secure their accounts whenever possible, including changing their passwords…”

Computer security industry experts called for the providers to do more to educate their customers as regards the dangers of such phishing attacks.

Guest Article by Neil Camp

Major software offerings from Microsoft and Google have this week drawn criticism from industry experts for major security flaws.

Close on the heels of Microsoft’s none too well received operating system Windows Vista, is Windows 7 which has been tested by the public in its “release candidate form.” Versions can be downloaded by the general public and tested.

Although the initial reaction has been good, seeing it as an improvement on the cumbersome Vista, there are worries that it contains an inherent security flaw.

Windows 7 was slated in for a release date of January 2010, but it might be earlier, with Microsoft saying that they are ahead of schedule. Generally, Vista was a disappointment, standing accused of being like a sieve when it came to security (requiring constant updates) and slowing down performance times. Windows 7 appears to solve a lot of those problems and features quicker response times, a new task bar, a touch-screen capability and an ability to stream media files (including music) from one computer to another via the internet.

But the question of computer security has reared its ugly head again with some suggesting that there is a major flaw in Windows Explorer (the heart of the operating system’s file management system) which allows other users to be attacked by hackers.

And what worries the experts is that this major flaw is not new, but existed in previous versions of Windows Explorer. And the irony is not lost on many, after Microsoft has sworn themselves to a “trust vision” to make security in their products a major preoccupation.

And Google’s all-singing, all dancing new browser has shown to be a little flaky. Chrome is liked by many, but Google has had to fix quite a few security holes, which then led to a problem with crashed computers. Chrome version 1.0.154.64 was released recently to put right two major security problems. The first concerned an ability for a hacker to run attack software that had the same priviledge as the primary user. The second problem centred on the 2D graphics which could have created an opening for attack software to be infiltrated into the browser’s security system.

But when the new version was released, having fixed the two security problems, it caused a few crashes, so a new version quickly followed.

Guest Article by Neil Camp