Symantec releases Norton 2013 security suites


BetaNews: Symantec has released brand new versions of its Norton security packages for Windows, Norton Anti-Virus 2013, Norton Internet Security 2013 and Norton 360 2013. It’s the first time all three packages have been updated simultaneously, while the branding has also been amended to remove all references to a date, simply naming each Norton Anti-Virus, Norton Internet Security and Norton 360, respectively.

The 2013 versions come with what Symantec describes as “five layers of patented protection”, which include stronger social networking and anti-scam protection. There’s also full, certified support for Windows 8 and the promise of better performance on multi-core CPUs.

Symantec has focused its efforts on two related areas of protection for the 2013 releases, providing stronger protection for those using social networking sites. One in ten social network users has, according to the current annual Norton CyberCrime Report, fallen prey to fake links or scams, and so a new Scam Insight tool provides warnings against potentially risky websites along with an improved Norton Safe Web for Facebook app, providing users with the ability to quickly scan their timeline for potential scams and fake links.

Other improvements to existing protection include more rapid updates for the Insight file reputation database, which now also tracks IP addresses to help determine where threats are originating from.

Norton’s 2013 products are also fully certified with Windows 8. This includes integration with Windows 8’s Early Launch of Anti-Malware (ELAM) technology, which permits security software to be up and running much earlier in the boot process than was the case with Windows 7, and which helps nullify certain rootkits. Also implemented is a new memory heap manager for helping to block and minimize the dangers from memory exploits.

The user interface has also been tweaked to be more Windows 8-friendly, with touch support and tile-based buttons. Staying up to date has been made simpler too, with all product updates now delivered automatically, and reboots eliminated from the install and update process.

The 2013 product line comes with a Network Cost Awareness feature – choose Settings > Network Security Settings > Network Cost Awareness and click Configure – that allows specific network connections to be set to Economy, to prevent unnecessary updates from being downloaded on bandwidth-limited connections such as 3G.

Finally, all three Norton 2013 products are engineered to take advantage of newer multi-core processors and inbuilt technologies in Windows 8 to deliver faster startup and shutdown times than their immediate predecessors. Sadly, boot times remain a little long in Windows 7, although the apps’ overall effect on system performance is light. Other performance tweaks include better support for digital media, plus reduced power consumption to help extend battery life.

Norton AntiVirus 2013 FINAL, Norton Internet Security 2013 FINAL and Norton 360 2013 are all available now as free 30-day trial downloads for PCs running Windows XP SP2 or later. Prices start from $49.99 for a single-user, 12-month license of Norton AntiVirus 2013 FINAL, with three-user licenses for Norton Internet Security 2013 and Norton 360 2013 costing $79.99 and $89.99 respectively.

VirusTotal online scanner adds behavior analysis

h-Online: The developers of the VirusTotal online virus scanner service are currently testing a new sandbox feature to provide users with more meaningful scan results. In a post on the company’s blog, software architect and developer Emiliano Martinez says that, for this purpose, samples uploaded to the service are executed in a controlled sandbox environment where their actions can be “recorded in order to give the analyst a high level overview of what the sample is doing”.

An analysis of the uploaded file’s behavior is then displayed in a new “Behavioral information” tab as part of the scan results. VirusTotal logs file and registry activities as well as new processes and code injections. The scanner also issues a notification when a file directly sends commands to certain device drivers.

With the free online service, users can submit URLs and files to be analyzed by various antivirus engines and scanners for malicious content such as viruses, worms and Trojans. However, it is often only the heuristics that flag up issues – which can be identified by result descriptions that contain keywords such as “Heur”, “Suspicious” or “Generic”. Occasionally, this causes legitimate files to be regarded as suspected viruses without giving users the option to establish whether there is an actual threat.
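The keyword check described above can be automated when triaging a multi-engine result. The following is an added example, not VirusTotal's code or part of the original article; the report shape (engine name mapped to a result string or `None`), the engine names and the detection strings are constructed assumptions.

```python
# Added illustration: separate heuristic verdicts from named detections
# using the three keywords the article mentions.
HEURISTIC_KEYWORDS = ("heur", "suspicious", "generic")


def classify(result):
    """Return 'clean', 'heuristic' or 'specific' for one engine's result."""
    if result is None or not result.strip():
        return "clean"
    lowered = result.lower()
    if any(keyword in lowered for keyword in HEURISTIC_KEYWORDS):
        return "heuristic"
    return "specific"


def triage(report):
    """Group engines by verdict type and summarise the whole report."""
    groups = {"clean": [], "heuristic": [], "specific": []}
    for engine, result in report.items():
        groups[classify(result)].append(engine)
    for engines in groups.values():
        engines.sort()
    flagged = len(groups["heuristic"]) + len(groups["specific"])
    if flagged == 0:
        verdict = "no detections"
    elif not groups["specific"]:
        # Only heuristics fired: the case the article says can hit
        # legitimate files, so it needs a second look, not a verdict.
        verdict = "heuristic-only"
    else:
        verdict = "named detection"
    return {"groups": groups, "flagged": flagged,
            "total": len(report), "verdict": verdict}


# Constructed sample reports (hypothetical engines and detection names).
SAMPLE_HEURISTIC_ONLY = {
    "EngineA": None,
    "EngineB": "Heur.Packed.Unknown",
    "EngineC": "Suspicious.Cloud.5",
    "EngineD": "Trojan.Generic.12345",
    "EngineE": "",
}
SAMPLE_NAMED = dict(SAMPLE_HEURISTIC_ONLY, EngineF="Worm.Win32.ExampleFamily.a")

if __name__ == "__main__":
    for name, report in (("heuristic-only", SAMPLE_HEURISTIC_ONLY),
                         ("named", SAMPLE_NAMED)):
        summary = triage(report)
        print(name, summary["verdict"],
              f'{summary["flagged"]}/{summary["total"]} engines flagged')
```

A "heuristic-only" outcome is the situation where the behavioral report is most useful as a second source of evidence.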

Even a sandbox analysis carries a residual risk as some Trojans quietly check whether they are being executed in a virtual environment when they’re launching. If this is the case, they will act inconspicuously, only launching their malicious payload on a real Windows system.

The behavior analysis is currently being carried out by the scan engines at a different time than the virus analysis. It only scans executable files that are less than 8 MB in size and were previously unknown to VirusTotal. Therefore, it makes sense to keep the results page open and reload it occasionally to check whether new data has been added.

Martinez notes that the behavior analysis is still in its early days, and that there is no guarantee that uploaded files will undergo the added analysis. The company uses Claudio Guarnieri’s open source Cuckoo sandbox. Incidentally, VirusTotal is far from being the only online tool to use a sandbox: Anubis, MWAnalysis CWSandbox and ThreatExpert have offered similar services for quite some time.

Firefox, Thunderbird, Panda and more updates

Mozilla Firefox: Mozilla has released a new update for Firefox, Mozilla Firefox 14.0.1. This version comes with Google secure search by default, flat buttons in the toolbar, and some performance improvements and security fixes. Read more in the Mozilla Blog.


Mozilla Thunderbird: Mozilla has also updated Thunderbird to Mozilla Thunderbird 14. This version mostly focuses on stability, performance and security fixes. I think we cannot expect many more new features in Thunderbird anymore; Mozilla has announced that they changed the way they develop Thunderbird. Read it yourself in the Mozilla Blog.


Mozilla SeaMonkey: SeaMonkey has been updated to 2.11. This version is a regular update for security, stability and performance. The release notes are available on the SeaMonkey Project website.


Panda Cloud Antivirus: This is a major update to Panda Cloud Antivirus, Panda Cloud Antivirus 2.0.0. In this version you will see a community-based firewall (Pro version only), the behavioral analysis engine is now available to free users, offline protection is improved, and much more. Read more about it in the Panda Cloud Antivirus Blog.


More Updates: Sysinternals updated its suite: Process Explorer 15.22, Handle 3.5, Process Monitor 3.03, RAMMap 1.21, ZoomIt 4.3. Find what’s new in the TechNet Blog.

AVAST software blocked its services for embargoed countries

Petr Chocholous, in response to Iranian users contacting avast saying they are unable to open the website or update their antivirus, said:

AVAST Software a.s. is currently blocking access to port 80 (that effectively means websites and updates of avast! software) of its servers from the following countries: Iran, Sudan, Cuba, Syria, North Korea and Burma/Myanmar. AVAST Software a.s. [and its subsidiaries/sister companies] must not provide any services in these countries because of policies and regulations that are applicable to AVAST Software a.s.

Blog and forum are available, because we hope they are information source/personal communication service and because of this they have exclusion from these regulations.

We are sorry for any inconvenience caused.

Iran makes its own anti-virus software – would you buy it?

SophosLabs: According to reports, Iran has started making its own anti-virus software.

It is said that experts from Shiraz Computer Emergency Response Team of APA (Academic Protection and Awareness) of Iran have been working on the project to help better protect the country’s digital defenses.

Of course, Iran is no stranger to malware. It found itself thrust into the spotlight in 2010 when the infamous Stuxnet worm was widely reported to have infected industrial plants (including nuclear plants) in the country with the seeming intention to target and sabotage SCADA systems.

This understandably led to some excitable – but not always accurate – headlines.


According to Mohammad Hossein Sheikhi, assistant professor of the Department of Electrical and Computer Engineering at the University of Shiraz, work on the anti-virus software began in 2010 after the Stuxnet crisis, and has since undergone testing.

According to reports, if the anti-virus software is confirmed to be a success it may be made commercially available at a later date.

It’s unclear how Iran will determine if their home-grown anti-virus has been a true success or not.

Will they submit it for testing by independent tests by the likes of Will they send it to the folks at Virus Bulletin in the hope of winning a VB100 award for 100% detection of in-the-wild viruses with no false alarms? Will they test it on a wide variety of operating system versions and measure its impact on performance?

But the real question that springs to my mind is this – would you buy an anti-virus program officially written by your own country? How about a foreign country?

One thing’s for sure – be careful if you are tempted to buy an anti-virus written by the Greek authorities. They do have a history of trojan horses after all...

If Iran *did* make its anti-virus software available, wouldn’t other governments test it? After all, if you know that a country’s infrastructure is partly reliant on a particular anti-virus product wouldn’t any attacker automatically test if its malware and/or vulnerability exploit could bypass it?

German government makes recommendations for secure Windows PCs

The H-Online: The German Federal Office of Information Security (BSI (German), BSI English) has compiled security recommendations for Windows PCs that will probably sound familiar to regular readers of The H: anti-virus software (including free solutions), backups, security updates, an alternative browser such as Google Chrome and “a healthy level of mistrust” are the main components of its proposal for a secure Windows PC. As the UK lacks a governmental organization that makes such recommendations, since such organizations usually recommend policy for public projects, it is worth seeing what Germany’s BSI suggests.

There are separate recommendations for private users (German) and for small businesses and freelancers (German). Both sets of recommendations refer exclusively to Microsoft Windows based systems; Mac OS X and Linux are not even mentioned. Rather than advocate maximum levels of protection irrespective of cost, convenience or available functionality, the BSI’s security recommendations try to outline a reasonable compromise that provides sound basic protection.

In particular, the BSI avoids supporting those in the business of spreading fear and explicitly points out reliable free solutions such as Microsoft Security Essentials, Avira, Avast, Secunia PSI and ThreatFire that have all previously featured on The H and in heise Security and our sister publication, c’t magazine, in Germany. Those in the security software business won’t enjoy reading statements that installing an additional firewall is no longer required, as systems are now adequately protected against attacks from the net by the firewall that is included in Windows 7.

That the BSI recommends Google Chrome as a safe alternative browser will come as a surprise to some. According to the guidelines, this browser’s sandbox and auto-update feature considerably improve its security; a view that is shared by many security experts.

One in four Windows 7 PCs run out-of-date anti-malware

MSDN: One of the things we talk quite a bit about with Windows 8 is making sure Windows is a safe, secure, and reliable computing environment. We have always provided a broad range of solutions for achieving these goals and work closely with a broad range of industry partners. We continue to enhance these capabilities with Windows 8 while making sure you always have choice and control over how to protect and manage your PC. With Windows 8 we are extending the protections provided by Defender to address a broader range of potential threats. Jason Garms, the group program manager of our reliability and security team authored this post that represents work across several teams. –Steven

Read the story here:

Here’s some good news for Mac users! Go Avira!

Avira’s Anti-Virus Technology Used by ZeoBIT in New System Utility – MacKeeper

Avira provides anti-malware scanning engine to MacKeeper App

Tettnang / Silicon Valley, March 11, 2011 – IT security expert Avira announced today that it licensed its industry-leading antivirus product to Silicon Valley-based ZeoBIT to be used in ZeoBIT’s MacKeeper product. MacKeeper is an all-in-one app that includes 16+ unique features for security, cleaning, data control and optimization for Macintosh computers.

Designed as a 911 app for Mac OS that will keep a Mac secured, clean, reliable, fast and up to date, MacKeeper provides:

  • Protection from both Mac OS and Windows threats
  • Detection of viruses, identity thefts, phishing, spyware and malware
  • Web browsing safety by revealing fraudulent websites and unsafe downloads

“It’s true that Macs do not suffer from as many attacks and viruses as their Windows-based counterparts, but Avira feels that because Macs exchange files with all other operating systems, the opportunity for malware to infect a Mac is increasing every day,” said Sascha Beyer, CTO, Avira. “It’s mandatory today to have protection on a Mac, and Avira is very pleased that our technology is being used to protect Mac devices.”

The licensing agreement allows ZeoBIT to use Avira’s Secure Anti-Virus API, the official interface for Avira’s anti-malware scanning engine. The Avira scanning technology is integrated into a service, which runs in background and accepts scanning requests from MacKeeper.

“Since our launch last fall with MacKeeper 1.0, ZeoBIT has been busy making our security product for Macs the best it can be and we’re certainly pleased to add the security prowess of Avira to our product,” said Slava Kolomiychuk, CEO, ZeoBIT LLC. “Mac users are facing increasing amounts of malware and our goal is to protect them so they never have to worry about being compromised.”


About ZeoBIT

Since 2008, ZeoBIT LLC has been developing, promoting and supporting software for Mac OS and Windows platforms. ZeoBIT LLC is located in the US (headquarters) and in Ukraine (development center).


About Avira

Avira is a worldwide leading provider of professional and private antivirus software and IT security solutions. The company has over twenty years of business experience and more than 100 million clients. Avira AntiVir’s core product distinguishes itself due to its outstanding reliability and has been regularly honored with the VB100 award. As one of the founding members of the German association “IT Security made in Germany” (ITSMIG e.V.), Avira is the only provider of antivirus software that offers IT security products that also guarantee protection against data espionage.

In addition to protecting the virtual environment, Avira helps to protect the real world, too. The Auerbach Foundation, founded by Avira CEO Tjark Auerbach, supports diverse charitable and social projects as well as the arts, culture and science. For more information, please visit

Sophos: malware on the Mac is real, here’s a free antivirus

Sophos has released a free antivirus product for consumers using Mac OS: Sophos Anti-Virus Home Edition for Mac. Although commercial antivirus products for Macs have been available for some time, Sophos’ offer is one of the very few free ones.

The Internet security firm took its existing enterprise antivirus software and slimmed it down to reduce complexity. Interestingly, the company has no plans to release an equivalent free version for Windows. Windows threats are in the millions while the number of strains of Mac malware is in the thousands.

Sophos says past threats to Mac users have included:

  • Websites that pose as legitimate-looking software vendor’s sites, but whose downloads are really Mac malicious code.
  • Malware disguised as pirated software available for download from P2P file-sharing networks.
  • Sexy online video links that urge you to install a plug-in to view the content, but really infect your computer with a Mac Trojan horse.
  • Popular Twitter accounts, such as that belonging to former Apple evangelist Guy Kawasaki, who have tweeted out links to websites designed to infect Mac computers.
  • Windows viruses and other malware, which can come in via e-mail, the Web, or USB drive, either being passed on to Windows-using friends or colleagues, or infecting virtual installations of Windows installed on a Mac.

The UK-based firm’s approach to Mac security is very interesting: the company claims all it wants to do is raise awareness. Sophos will have to run a dedicated support forum and won’t even be converting users to paid-for consumer versions of its security software, which is how most security companies justify their free versions. Panda Security, which recently also released an antivirus for Mac, made a point to say Mac OS is less secure than Windows and then offered its solution for $50.

Taken from TechSpot

4.4 percent in China have no AV – that might not be too bad

The number for the rest of the world might be 26 percent

There is a story making headlines on the computer security news sources today about estimates that 4.4 percent of Chinese Internet users have no anti-virus software, up from 3.9 percent last year. That’s about 17 million machines. The numbers came from surveying by the China Internet Network Information Center (CNNIC) and China’s National Computer Network Emergency Response Technical Team (CNCERT).

CNNIC said it estimated that 384 million people in China use the Internet.

Story here.

I went looking for figures for the rest of the world. Similar surveying doesn’t exactly pop out of Google, but I did find one story.

Netherlands-based security company SurfRight released results of a study they did in December. “32 Percent of Computer Users Still Infected, Despite Presence of Anti Virus Program”

They scanned 107,435 machines and found that 28,607 had no up-to-date AV: that’s 26.6 percent without functional anti-virus software.

Of course, SurfRight didn’t break out the group that has no AV installed at all as opposed to those who have it but haven’t updated it.

In any case, they all should be installing an antivirus.