Articles Archive for 11 February 2010
Posted in Information and Removal on 11 February 2010
i have good news for instructables.com users. i’ve been in contact with Eric Wilhelm, CEO of Instructables, who was able to get to the bottom of the issue i previously blogged about in short order and it turns out to have not been a breach of their dat…
Posted in Information and Removal on 11 February 2010
MyPcProtector (also called My Pc Protector) is one of these active malware applications that create a misleading image that they are reputable programs urgently needed to be installed. However, in reality MyPcProtector is a rogue anti-spyware which only imitates scanning of the system and offers its nonexistent removal services.
MyPcProtector is mostly distributed through [...]
Posted in Information and Removal on 11 February 2010
many have at least heard the advice to use unique passwords at every site they visit. well i go a few steps beyond that. not only do i use unique randomly generated passwords at every site, i use unique randomly generated email addresses at each site t…
Posted in Information and Removal on 11 February 2010
The previous blog posting revealed antivirus engine advancements in current version 6.7.3, whereas Outpost 7 will, in fact, inherit the auto-update and traffic-saving approach and add even more stability and better performance. All this – due to the new anti-malware engine, version 5.0, smoothly integrated with Outpost’s other services in its 7.0 edition.
Just to remind you of the improvements in Outpost Security Suite Pro and Outpost Antivirus Pro:
- Continual signature-flow: The new engine allows increased frequency of malware database updates: three times a day on weekdays – twice with antivirus signatures and once with antispyware. Tip! Just tweak Outpost’s settings and opt for updates on an hourly basis instead of by-default daily updates.
- Smart updates: The anti-malware engine (anti-virus + anti-spyware), edition 5.0, gets itself automatically renewed through regular malware database updates (no separate product update is needed).
All the novelties were introduced in a seamless fashion so that the user won’t experience any PC slowdowns or performance disruptions. On the contrary, automatic updates do a great job of saving traffic and facilitating the product’s operation. We are working hard to bring closer the public beta date when all of you will be able to judge for yourselves. The new major release will come hand in hand with the new antivirus engine, which apparently lays a good foundation for further detection and disinfection accomplishments.

Besides, we’d like to tell you about another important technology, a component of the Anti-Malware module: HAX. This component was developed quite a long time ago and underwent a series of improvements to ensure accurate detection. Outpost 7.0 will give stage to this formerly concealed mechanism in Anti-malware’s on-demand scan settings as displayed on the screenshot:
Agnitum’s Heuristic Analyzer, code-named HAX (Heuristic Analyzer for eXploits), aims to detect potentially harmful packed/protected/encrypted objects.
The packed objects can be monitored with both signature and non-signature methods. The signature-based approach employs an updated base of packer definitions.
The heuristic method builds on a static classifier which receives such input data as:
- Characteristics of PE (portable executable) structure
- Section chart check
- Results of import chart analysis
- Assessment of file section entropy
A separate check is performed in case there is an attempt to mask an executable as one of Windows system components.
That’s it for now. Feel free to subscribe and learn what’s up and what’s new while we develop Outpost 7 solutions.
Pavel Goryakin, Agnitum
Posted in Information and Removal on 11 February 2010
Trend Micro advanced threat researchers recently came across a new ZBOT/Zeus binary file detected as TROJ_ZBOT.BTM.
ZBOT/Zeus variants are well known for stealing banking information from their victims via various social-engineering tactics (e.g., spammed messages, malicious links sent to social-networking site members in the guise of messages, and compromising legitimate sites), as evidenced by the following documented [...]
Post from: TrendLabs | Malware Blog - by Trend Micro
Posted in CA Security Advisor on 11 February 2010
Win32/SillyP2P.FC is a worm variant that spreads via peer-to-peer file-sharing networks.
Should you have this detection reported on a file that you normally use, we highly recommend that you submit a sample of the affected file to CA Anti-Virus Research for analysis.
For detailed instructions on how to submit samples to CA, please see below.
———-
Submitting Malware Samples
Please visit our…
Posted in CA Security Advisor on 11 February 2010
The Win32/IExpleror.A variant is a Trojan disguised as a legitimate Internet Explorer program. It has the capability to download and may execute or install software without user permission.
Should you have this detection reported on a file that you normally use, we highly recommend that you submit a sample of the affected file to CA Anti-Virus Research for analysis.
For detailed instructions on…






