Tej Kohli Business Blog

Tej Kohli stumbled upon this news story on the web. Read on to know what Symantec claims.

Symantec claims its 2009 Internet Security products will have “zero impact” on PC performance.

Norton Internet Security was once infamous for hogging system resources, but has placed significantly less demand on PCs in recent releases.

Now, Symantec claims this autumn’s product refresh will have no perceptible impact on PC performance. “People have told us ’security software is too big, it irritates me, I turn it off when I’m gaming’,” said Janice Chaffin, group president for Symantec’s consumer business in an exclusive briefing with PC Pro this morning.

“Fundamentally, consumers don’t want to be bothered at all. We’ve set as our goal zero-impact security,” she said.

The company has a number of ambitious performance targets for the 2009 products. Installation will take less than a minute, compared to the eight-minute average of today’s products. And the client software will have an install footprint of only 100MB, compared with 2008’s 400MB.

Are customers really bothered about a 400MB install in these days of terabyte hard disks? Symantec’s Con Mallon says it’s largely a symbolic gesture. “We’re trying to do it for perception,” said the company’s regional product marketing director. “If we’re at 400 meg and the guy next door is on 200 meg, they say ‘you’re bloated’.”

Security provider Webroot debuted its first data centre in the southern hemisphere to support its expansion into the Asia Pacific market.

Located in the Southern Sydney suburb of Mascot, the data centre represents a $1 million investment in the vendor’s Software as a Service (SaaS) business model in the region.

Anticipating a robust, educated market in Australia, Webroot COO Mike Irwin said that the Sydney data centre was an important milestone in the company’s expansion in the Asia Pacific region.

“Webroot is committed to servicing the Asia Pacific in the long term,” he said.

Webroot’s range of SaaS offerings, including e-mail management and Web content security, will be hosted on the data centre and provisioned via the Web.

Irwin described the SaaS provision model as “security outsourcing”, and expects it to provide customers with security expertise that will give them access to up-to-date, enterprise-level infrastructure.

While the technology market is estimated to grow up to 10 percent per annum, the annual growth of SaaS uptake has been estimated at 60 to 70 percent.

According to Webroot’s Asia Pacific managing director, Charles Heunemann, the SaaS model will appeal to resource-tight IT departments in Australia.

“Your typical IT shop will be trying to get more juice for their squeeze, so they’ll tend to hang on to some of their on-premise infrastructure for perhaps longer than they need to, and the refresh cycles on technology aren’t as rapid as in other jurisdictions,” Heunemann said.

“With the introduction of our new SaaS, a lot of the customers out there can completely leapfrog the whole appliance play and go straight to the cloud and take care of the problem there.”

The $1 million data centre forms part of a $10 million investment Webroot has planned for the Australian market during the next two years.

All products and services will be delivered via Webroot’s channel partner base, which currently comprises nine partners, including Clearswift and WebSecure.

Courtesy:  IT News

Tej Kohli bravejournal | Tej Kohli Info

Security experts say internet is under assault! Tej Kohli Security category brings the complete news.

Internet security experts say the Web has become so overrun with identity thieves that users have no way of knowing which sites are safe.

The San Francisco Chronicle said Wednesday that even the largest and most-familiar destinations are vulnerable to thieves who swipe identification numbers, business e-mails and medical records.

Professional criminals and organized crime have ongoing, sustained campaigns to rob consumers blind, said Paul Ferguson, a researcher for Trend Micro.

The culprits seek out flaws in various popular software packages and hack their way into Web sites. From there they can gain access to the server and attack other Web sites, the newspaper reported.

Experts advise Web surfers to keep their Internet browsers updated and regularly sweep their computers for malicious viruses.

Source: United Press International

Tej Kohli business blog raise concern on the threatening security risks, likely to drill the internet. Tej Kohli found this interesting report posted online on the internet security fragility.

Internet security is a big question that is likely to raise eyebrows in the near future. According to a recent report by security company Symantec, the tipping point in internet security is closer than we think. The report highlighted some alarming facts.
By the end of 2007, the number of unique identified threats stood at 1,122,311. Of this disturbing total, 711,912 of the threats were identified in 2007, representing a 468 per cent increase on the previous year.
Such distressing numbers are enough to startle any company CIO or IT manager, who holds charge of ensuring security of systems, vital to the day-to-day running of their organization.
In actual fact, the number of malicious code threats is rising so quickly that Symantec’s experts believe the world may be rapidly heading for a security “tipping point”. This point will be reached when the number of legitimate programs in the world is outnumbered by the malicious or illegitimate ones.
When this happens, the traditional method of blacklisting known malicious code loses some of its effectiveness and appeal. The effort and expense of maintain a list of known bad code continues to increase to the point where it becomes a significant burden on both security companies and their customers.
Instead, a white listing system will have to be implemented. This list will be a comprehensive summary of all legitimate programs that should be allowed to exist on a corporate network. If a particular batch of code doesn’t appear on this list, it must be deemed malicious.
To back its prediction, Symantec pointed to research conducted for the report that looked at the adoption of new applications on Windows-based PCs. The researchers found that, of some 54,000 unique applications deployed on Microsoft Windows PCs, 65 per cent were malicious.
It’s a trend that is not going to slow anytime soon. For organisations to have any hope of maintaining security, a white list system may be the only choice. Any alternative is going to become too expensive and cumbersome to maintain.

Tej Kohli gives a report on storm worm courtesy Internetnews.com.

A report by e-mail and content security firm Marshal claims that just six botnets  are responsible for almost 90 percent of spam, but others in the spam filtering business disagree with the report’s findings.

For the month of February, Marshal found that the most dominant botnet spewing out junk e-mail was not the vaunted Storm worm but a network called Srizbi, which first emerged last summer. Symantec reports Srizbi as a “Trojan horse that sends spam and uses a rootkit to hide itself.”

Srizbi seems to be in the seeding stage, as it were, because all it’s doing now is perpetuating itself. It sends out spam to other people so they open a link that infects them with the Srizbi Trojan

Marshal has it accounting for 39 percent of spam it discovered in February. Just the month prior, the botnet Mega-D, so dubbed because it was selling male sexual enhancement products, was the major nuisance, with 35 percent of the spam.

Glen Myers, an engineer with Marshal, said Mega-D lost its place because it shut down for 10 days. Why he does not know, but he said that didn’t lessen the amount of spam on the Internet. “It just moved to other networks. That’s why other networks came in so high,” he told InternetNews.com. “I don’t know if that means there’s a relation between people running botnets or if advertisers are moving their content around.”

Storm, by contrast, only accounted for two percent of the spam in the Marshal report. That seems extremely low considering how resilient and ubiquitous the worm was. “Storm got a lot of publicity, and people started specifically targeting that worm. That is impacting their ability to use it,” said Myers.

Paul Piccard, director of threat research for Webroot Software, agrees on that point. “We have seen a decrease in the Storm network. There’s been less instances and samples of Storm that we’ve seen recently. There’s been a large push by security vendors to roll out signatures that detect and remove Storm,” he said.

However, he’s not so sure that just six botnets are responsible for the millions of spam messages floating around on the Internet. “If it was only six, we would have a much easier time protecting our customers, said Piccard. “It’s a little misleading to say there’s six botnets because there’s multiple variants of each. There are some times close to 100 variants to specific pieces of malware.”

Scott Montgomery, vice president of global technical strategy for Secure Computing, was even more blunt in his assessment. “Their premise is that the snapshot from their spam traps constitutes fact. Srizbi is a pretty neat little Trojan, I just think their scale is way off. To think this ten million machine behemoth Storm botnet is not relevant, I don’t think is reflective of what’s going on,” he said.

But Myers defends the findings, saying it’s a “true application of the 80/20 rule, that 80 percent of the spam comes from the top 20 percent of botnets. We’ve already seen an example of this in February when the Mega-D botnet went down and everything moved to Srizbi.”

As security gets better at blocking Storm, he argues, spammers “are less likely to send out waves of Storm as they get diminishing returns because everyone is looking for Storm. How many people are looking for Rustock?” he said, in reference to a botnet that said accounted for 20 percent of spam in February.

Don’t count Storm out, warned Piccard. “Remember, when you can create variants very quickly and create new pieces of malware, it’s not uncommon for malware to make a comeback later on,” he said. “Right now could be a quiet period for Storm but we could see an uptick in activity in a few weeks to a month from now.”

I came across an article on internetnews.com. Read the latest story on the Tej Kohli Blog.

 AVG Technologies is the latest antivirus vendor to beef up its security suite to cover as wide a range of threats as possible by including link-scanning technology it acquired late last year.

AVG (which changed its name from Grisoft earlier this year) isn’t as well known in the U.S. as Symantec, McAfee or Trend Micro, but it has a huge international presence, particularly in Europe where it is based. It consistently scores very high in antivirus tests against known threats, but its tests against zero-day threats are a little more inconsistent.

That’s one area it’s working to overcome, and one step in the process was the December acquisition of Exploit Prevention Labs, developer of LinkScanner, a utility that scans the links of search results on Google, Yahoo and other search engines to check for hidden malware behind the link. While the company is also working on its heuristics to catch as-yet undiscovered viruses, it’s also trying to help users avoid infection in the first place.

In addition to the LinkScanner Web checking, AVG Internet Security 8.0 offers a considerable performance improvement thanks to being rewritten for multi-core processors and combining its two separate virus and spyware databases into a single database. It also sports a whole new UI and offers scanning of any file transfers over the HTTP protocol, since that’s how most infections come into a computer.

Between the link checker and HTTP scanning, AVG believes “we’ve done all the things we need to do for today’s threats,” said Bridwell.

AVG Internet Security 8.0 also adds protection to Internet Explorer and Firefox browsers against so-called drive-by downloads, protects file exchanges over MSN and ICQ instant messengers, comes with a new firewall and a new anti-rootkit shield.

AVG Internet Security 8.0 is available for download starting February 28, at a cost of $54.99 for a one-year license and $79.99 for a two-year license.