Recently, OPSWAT, a leading research and security software supplier, has published a report, which gives the market share of different antivirus, antispywar and security software worldwide and in North America. The report states that AVAST Soware has a strong lead in the worldwide antivirus market in this quarter (Q3 2011) with 16.61% market share worldwide. AVG, Avira, and Microso follow, each with over 10% of the market.

The percentage of the market held by the top 15 vendors is shown in the given infographics.

Before jumping on any conclusion, please bear in mind that being the most popular antivirus might not mean that Avast or AVG are also the best antivirus. All the top 4 vendors in this list supply at least one highly successful FREE version of their antivirus and security software. And it might be that the popularity of these antivirus software is due the the popularity of these free versions, which might not be fully effective against all sorts of malware threats.

Limitations of the Study:

This report shows usage data for security applications on Windows systems. The data was collected using OPSWAT’s AppRemover tool, which utilizes the detection capabilities of the OESIS Framework to collect information regarding the applications installed on endpoint computers. This tool is free for download on www.appremover.com and is used around the world by home and business users, both expert and inexperienced in security soware. The sample is assumed to be representative of the market for this report, based on the wide accessibility of the tool to a large range of users.

About OPSWAT

Founded in 2002, OPSWAT provides soware engineers and IT professionals with development tools and data services to power manageability and security solutions. The company’s primary product, OESIS Framework, is a manageability solution licensed by major technology companies like Cisco Systems, Juniper Networks, F5 Networks, Microso, HP and many others. Having been adopted as the industry standard software development toolkit (SDK) for creating compliance and manageability applications, the framework’s application libraries have now been deployed on an estimated hundred million endpoint systems worldwide.

[Read Complete Report Here]

The company is engaged in providing a portfolio of IP connectivity, unified communications, IT consulting and security. AllStream has got an excellent pool of telecom knowledge. They invest a lot of their energy in the development of their human resources and this has resulted in them getting counted among the top 100 employers of Canada for the year 2010.

They have been owning and operating a nationwide vast network of fibre optic cables spanning more than 30,000 kms. giving them an unbeatable upper hand over the competition.

Services at a Glance

AllStream provides a host of telecom and IT solutions for individuals, businesses and Government agencies. Their services range from wireline and wireless voice, data services, Internet access, and digital TV.

For corporate needs, their MPLS based data networks allow business to converge all their communication needs onto a privately owned fast, reliable and high network performance IP networks. The Switched Ethernet solution obviate the needs of maintaining several LAN’s at different locations and allow businesses to easy and reliable mode of sharing of information across different locations and networks. AllStream Business Internet solutions provide high speed Internet Access, upto 3Gb/s, connectivity for quick online transaction of data. And if you ask for more speed, then you can try their DWDM based wavelength services, which allow you to take advantage of their vast network of fibre optic cables to serve you speeds upto 10 GB/s.

Their IP-based telephony systems allow you to integrate all your voice, data and multimedia communication needs on a single connectivity on every desk. With services like Videoconferencing and Collaboration Tools, they let businesses to increase their productivity and improve processes even when different people are operating at different locations.

For personal use, they have the advantage of providing quality telephony and data services both on wireless and wireline platforms. To top it, their Mixed Mobile Convergence (FMC) service allows seamless unification of wireline and wireless platforms.

With a complete array of IT and communication services for all sorts of needs and requirements and backed by large pool of talented manpower and skill sets, AllStream is in a great position to serve your communication needs.

Recently, German Federal Criminal Police(the “Bundeskriminalamt” or BKA for short), has warned about a recent attack, wherein the malware resides silent inside your windows files. As soon as you log into your your bank account through online banking, it lets you remain there. But it shows you a message that your account has been blocked as you have received a large sum of money erroneously.

When you check your account statement and balances, that fictitious transfer can be seen. Now you are presented with the option to transfer the money back or just keep the account suspended. If you choose to transfer the money back, you have to fill the online form, where the details are pre-filled with the account details of the malware controller.

As soon as you complete the transfer, the money is withdrawn from your account by an amount, which was not actually transferred to your account.

How to Protect Your Bank Account from Such Scams and Frauds

The best way is switch to Linux as most of the online banking scams are targeted at Windows users. They are the easiest targets. But this is easier said than done for an average computer user. Even I find myself lazy enough to do that.

What I prefer to do is that I have reserved one of my computer to access Internet only when I login to my bank accounts. I use it for all sort of offline activities – MS Word, Powerpoint and other stuff, but I go online with that computer only when I need to do access my bank accounts. That way I try to let this computer remain as clean as possible.

I know, this is not a fool-proof way to ensure protection from online banking scams, but still it is better than using your regular computer to do online banking.

[Via]

Windows Attention Utility is one of the latest entrant in the ever increasing list of scareware. It is a rogue security software, which sneaks in your computer with the help of the some trojan or backdoor already present on your computer.

As soon as it gets entry to your system, it takes control of your your computer and makes modifications to the core Windows files. Windows Attention Utility continues to display lots of fake warnings and alarm messages, which all are directed in such a way to create a sense of panic in the mind of the user. All these messages suggest that there are lots of virus and malware infections present in your computer and you need to take immediate action for their removal.

When you agree to it, it will download and install Windows Attention Utility virus on your computer and reboot it.

Remember, Windows Attention Utility is nothing but a scareware, and it will not do anything to add to the security of your computer. Your best bet is to remove Windows Attention Utility at once and uninstall any script and process initiated by this deadly fake security software.

On this blog earlier, we have extensively covered about the various variation of the Zeus Virus; ranging from topics like how security software miss the detection of Zeus malware, how Zeus is getting more and more potent and also told about online tools to detect and avoid malware like Zeus.

Knenber Botnet is yet another malware hitting the computers round the globe after the terror stricken by Zeus. It was discovered in the early February of last year, when as many as 75,000 computers from 2,500 organizations were found infected from this botnet. These sites were mainly social networking sites.

Kneber Botnet collects login information for online financial sites, social networking websites, and the e-mail systems of infected computers and relays that data back to hackers via a network. And now it has been reported to have returned back with a vengeance and infected lots of machines through a dedicated email campaign. These emails were reportedly sent disguised as a Christmas and New Year wish. As soon as people clicked on the two malware links embedded in the email, there machines were infected with the Kneber Trojan resulting in the stealing of the financial data and personal information stored in their computers.

Read More about the story on Brian Kreb’s blog.

We have repeatedly been asserting on this blog that online security is in your own hands. No security software, howsoever smart and advanced, can provide you a complete protection. It is well within your own online behavior. Make it a habit to avoid reckless clicking on links while browsing Internet or while reading emails. Click on a link, when you are absolutely sure that you really want to open the page and you know where it is going to land you. Links are not just for fun. The can bring disaster..

Geinimi Trojan is being termed as “the most sophisticated Android malware” so far, but its impact is currently limited as the infected apps are available only on Chinese Android app markets, Lookout said in its warning. That’s not to say it couldn’t be packaged into other geographic regions, but that it hasn’t been done yet.

How the Geinimi Trojan Operate as a Botnet

When a host application containing Geinimi is launched on a user’s phone, the Trojan runs in the background and collects significant information that can compromise a user’s privacy. The specific information it collects includes location coordinates and unique identifiers for the device (IMEI) and SIM card (IMSI). At five minute intervals, Geinimi attempts to connect to a remote server using one of ten embedded domain names. A subset of the domain names includes www.widifu.com, www.udaore.com, www.frijd.com, www.islpast.com and www.piajesj.com. If it connects, Geinimi transmits collected device information to the remote server.

Stay safe and think twice before allowing any third party applications to your Android Mobile phone or any other other device for that matter.

[Via Lookout Blog Post]

This campaign is based on the premise that even if a small fraction of the recipients can be tricked into, then the share price of the target company can be rigged into higher levels, which might allow the spammer to off-load and sell its positions in that stock at higher levels.

Spammers, hackers and cyber fraudsters, do not spare any upcoming trend or incidence without eying an opportunity to make money. This is yet another evidence that Indian Stock Markets are rising and reaching unprecedented highs.

See the original blog post.

In the earlier post, we have already talked about Bugat. Now is the turn of Carberp. Carberp is a trojan, which mostly targets banks and finance related sites. It has been found to be an “evolved” version and reported to show some advanced features, which make its detection still more difficult. These features include…

1. Ability to run as non-administrator
2. Ability to infect Windows XP , Windows Vista and Windows 7
3. Will not make any changes to the registry (only in memory modifications)
4. Sophisticated browser hooking to fully control all internet traffic (including HTTPS with EV-SSL)
5. Stolen data is transmitted in real-time to C&C server

One of the first things, which Carberp Virus tries to do is to disable the functionality of antivirus and security applications installed on your system. Carberp Virus has the ability to steal passwords from lots of applications and services running on your system. These applications include…

• WinVNC3
• Remote Desktop Connections
• PC Remote Control
• Freecall
• Camfrog
• ASP.NET Account
• Cached Passwords
• Cisco Systems VPN Clients
• Windows Passwords
• ICQ
• MIRANDA
• TRILLIAN
• MSN
• YAHOO
• AIM
• GAIM
• QIP
• Odigo
• GTalk
• PSI
• My Spcae
• Live Messenger
• PalTalk
• Excite
• Gizmo
• Pidgin
• AIMPRO
• Pandion
• QIPOnline
• JAJC
• Digsby
• Astra
• Opera
• Safari
• Firefox
• Chrome
• Gmail
• RimArts
• The Bat!
• Eudora
• Total Commander
• WS_FTP
• CuteFTP
• FileZilla
• Bullet Proof FTP
• SmartFTP
• FFFTP
• CoffeecupFTP
• COREFTP
• FTP Explorer
• Frigate3FTP
• WINSCP

It is scary to note the comments of leading security agencies about Carberp Virus and its potency.

“Carberp is different. It is very, very sophisticated and I expect the infection rates to be the same as Zeus,” said Andreas Baumhof, co-founder and chief technology officer of secure banking authentication firm TrustDefender. He said the Trojan is as yet unknown to the big antivirus companies.

But if you are thinking that they are the only financial malware, then please re-think. There is whole set of such financial malware and viruses, all searching for new victims with latest tricks and tactics up their sleeves.

Bugat is one such trojan, which has recently been discovered to be capable of stealing your financial passwords and passing them to the controllers of their central command.

Well known organization Trusteer, who recently discovered the tactics used by Bugat malware, goes on to say…

Bugat is similar in functionality to its better known financial malware brethren Zeus, Clampi and Gozi.  It targets Internet Explorer and Firefox browsers and harvests information during online banking sessions. The stolen financial credentials are used to commit fraudulent Automated Clearing House (ACH) and wire transfer transactions mostly against small to midsized businesses, which result in high-value losses. Bugat is three times more common in the US than Europe, but its distribution is still fairly low.

“We are in an arms race with criminals. Although Zeus gets a lot of attention from law enforcement, banks and the security industry, we need to be vigilant against new forms of financial malware like Bugat and SpyEye which are just as deadly and quietly expanding their footprint across the internet,” commented Trusteer CEO, Mickey Boodaei.

This is yet another example of how cyber criminals are increasingly dominating the battle of supremacy over the security agencies and vendors. In this state, the only option for ensuring your PC Security and privacy is to be vigilant, careful and exercise retrain in your online behavior. Remember, no security tool, howsoever pricey or advanced, can save you, unless you are careful and vigilant to detect the cyber threats.

At present, MSE is only available free for personal uses. In a recent announcement, Microsoft has stated that they are going to make it free even for small businesses. As per their definition of small businesses, you can use it on 10 PC’s in your organization at one go.

we are extremely excited today to let you know that Microsoft is making its Microsoft Security Essentials available to small businesses on up to 10 PCs for FREE, beginning in early October!  By providing Microsoft Security Essentials to small businesses free of charge, Microsoft extends its commitment to help these companies save money and grow their business by offering no-cost protection from viruses, spyware and other malicious threats.

In case, you want to know more about MSE, here is some more information…

MSE is a security suite designed for consumers and lacks centralized management features which are found in Microsoft Forefront Client Security. It includes the same anti-malware engine (dubbed “Microsoft Malware Protection Engine”, or MSMPENG for short), and virus definitions that all other Microsoft desktop anti-malware products share, including Forefront Client Security, Windows Live OneCare, and Windows Defender (Defender excludes the antivirus definitions which are separate from the antispyware definitions).

Before installation, MSE checks for the validity of the installed copy of Microsoft Windows. MSE requires no registration or personal information. MSE will disable Windows Defender, as it provides protection against malware, not limited to spyware and adware.

MSE automatically checks for and downloads virus definition updates which are published three times a day to Microsoft Update. Alternatively, users may download the updates manually from Microsoft Security Portal.

Here is a nice review video of MSE from Youtube.

[Download Microsoft Security Essential]