Computers Networks - www.badc0ded.com

Malware-carrying spam and attacks via Twitter and Facebook grew dramatically in the second half of 2009, says a report released Tuesday by security company M86 Security.

The volume of spam shot up last year to more than 200 billion messages each day, or 80 percent to 90 percent of all inbound e-mail sent to organizations, said M86. Spam carrying malware also surged in the second half of the year, hitting 3 billion each day compared with 600 million per day in the first half of 2009.

The vast majority of spam is now sent through botnets hiding on infected computers--the second half of 2009 alone saw 78 percent of all spam triggered by the top five botnets, such as Rustock and Pushdo.

As most spam is triggered by just a few select botnets, a takedown of those specific threats could have a huge impact on malware, notes M86. But since most cybercriminals are part of organized gangs, they've proved to be adept at bouncing back from attempts to take them down.

Spam messages that carry malware payloads have become more sophisticated over the past year. One example pointed out by M86 is the Virut virus, which can install virtually any type of malware on a PC by infecting executable files with .exe and .scr (screensaver) extensions.

Zero-day vulnerabilities often found in Adobe and Microsoft products also grew in the latter half of 2009. This type of malware has become particularly hazardous since it can sometimes take companies weeks or even months to patch up specific security holes in their software.

PDF files have proved especially fertile ground for cybercriminals due to the ubiquity of Adobe Reader and the ability of these files to include hyperlinks and other dynamic content within them. Almost a dozen zero-day attacks were launched throughout 2009, says M86.

Malware via social-networking sites like Facebook and Twitter also grew in volume during the second half of 2009. One example was that of venture capitalist Guy Kawasaki, whose Twitter account was hacked last June and sent out tweets with links that led to malware.

Cybercriminals have also pounced on the vulnerabilities inherent in shortened URLs, commonly used at Twitter and other social networks. Since users can't by default preview the actual page beforehand and usually trust that the link is legitimate, it's easy to direct a shortened URL to a malicious Web site that launches a malware attack.

How can people better protect themselves against the growing tide of

malware? Aside from the typical advice of keeping your security software updated and not clicking on links in an e-mail, M86 recommends that people use the NoScript extension in Firefox, which limits the execution of JavaScript code and installs browser extensions that can display shortened URLs as their full addresses.

M86 said the report was compiled based on findings from its own researchers, who comb through more than 7 million different e-mail messages each day looking for specific patterns and trends in spam and malware.

Source: http://news.cnet.com/8301-1009_3-10454870-83.html

Computer Renaissance thought you should know about the new Norton 360.

Today, Symantec announced Norton 360 version 4, the company's utility suite that emphasizes a "reputation"-based approach to fighting malware, and adds online backup.

Norton 360 version 4 will cost $79.99 for the Standard edition with 2 GB of included online storage at n360.backup.com, and $99.99 for Norton 360 version 3.0 Premier edition with 25 GB of included online storage. The only difference between the two editions will be the amount of online storage, a Symantec spokesman said.

Users can renew the Standard edition for $59.99 per year, and the Premier edition for $89.99 per year.

As the Symantec disclosed with its beta, the new version of Norton 360 adds its "Quorum" technology, which attempts to discover previously unknown malware based on characteristics like the file's originating IP address. The opt-in technology, also in the company's Norton Internet Security product, has rated 177 billion files since September, the company said.

That helped Symantec's NIS top a limited but real-world study of 100 pieces of malware set up to attack several off-the-shelf products. Symantec blocked 99 out of 100, AV-Comparatives.org, which ran the study, said, tied with Kaspersky. AVIRA finished second, and Microsoft's own Security Essentials technology finished third, tied with Avast.

Symantec also added a startup manager technology that the company claims will speed up the boot time by roughly, between 20 and 30 seconds on Vista and Windows 7. A download manager will assess the impact and possible security impact of downloaded files.

The suite also includes other standard protections, including antivirus, antispyware, botnet protection, identity protection, Norton safe Web, and firewall.

Files can be backed up online, and links sent to friends or user contacts. Users can set that link to expire after a certain amount of time, executives said. In a few weeks, Symantec even plans to have beta apps for the iPhone, iPad, and Android, so that users can make the remote file access available on those devices as well.

In Norton Internet Security 2011, Symantec plans to add tools to make rooting out malware even easier, including Web-based detection and removal, even disc burning software. Symantec is also testing a SWAT-styled malware removal tool, even for non-Norton customers, to attack the top 30 percent of deeply embedded threats, including fake antivirus and "scareware" apps that can dive deep into a PC, executives said.

Source: http://www.pcmag.com/article2/0,2817,2359865,00.asp

The most power efficient of Intel's new series of mobile processors will start appearing in new laptops in February, according to the chipmaker.

The Core i3, i5, and i7 processors are slated to replace most of Intel's older generation of Core 2 processors. Intel introduced, for the first time, mainstream mobile processors based on the Core i design--the Core i3 and i5--at the Consumer Electronics Show last month.

Though laptops using Intel's standard-power Core i mobile processors have already hit store shelves en masse, systems using the chipmaker's ultra-low-voltage, or ULV, Core i processors will begin to appear "in early February," according to an Intel representative. These new processors include the i5-520UM and i7-640UM. Because ULV chips consume relatively little power, they are used in laptop designs in order to offer longer battery life.

High-profile laptop lines that currently use Intel's older Core 2 ULV chips include the Dell Adamo, Toshiba Portege R600, Sony Vaio Y, and Hewlett-Packard Envy 13. The most widely used processors have been the SU9400 and SU9600. Dell, last week, began offering steep discounts on its Adamo laptops that use the SU9400, cutting prices by about $500.

With the new i3 and i5, Intel is changing the way it rates power efficiency to account for the new "Arrandale" chip design that packages the graphics silicon together with the main Intel processor.

A Core i chip rated at 18 watts will now be considered a ULV processor, compared with the 10-watt rating of the older Core 2 technology. This is done to account for the additional power load of the graphics circuits that, before, were in a separate chip package called the chipset.

To date, Apple's MacBook Air has used Core 2 low-power processors but the Air's processors run at relatively high speeds of 1.86GHz or 2.13GHz, higher than ULV-designated chips in other ultrathin laptops, and therefore are not as power efficient.

Though Apple is expected to use Core i5 processors in its upcoming MacBook Pro lineup, it is not yet clear which processor Apple would opt for in a new MacBook Air model--if indeed Apple is planning an imminent update for this model.

Source: http://news.cnet.com/8301-13924_3-10444827-64.html?tag=mncol