Archive for the ‘Webappsec’ Category

Symantec tests bot-killer

Symantec has released a free public beta of Norton AntiBot, which uses behaviour analysis to detect malware. The software is based on existing technology from Sana Security, with a few minor additions from Symantec’s SONAR behavioural scanning technology that is now included in Norton products.
Symantec says AntiBot is meant as a supplement to anti-virus software, not a replacement, and doesn’t use traditional virus signatures. Instea…

Microsoft IIS sites ‘twice as likely’ to host malware

Web servers running Microsoft’s IIS software are twice as likely to host malware as other site servers, it was claimed this week. Nagendra Modadugu, of Google’s newly-formed Anti-Malware Team, based his claims on an analysis of 70,000 domains that were either distributing malware or hosting attack code.
Geoff Sweeney, chief technology officer at behavioural analysis firm Tier-3, said: “This is potentially bad news for the web ho…

Patch in PHP 5.2.3 ineffective

PHP version 5.2.3, released at the beginning of the month, purported to eliminate a security vulnerability in the chunk_split() function, which splits strings into user-defined substrings. However, according to Stefan Esser, PHP security specialist and co-initiator of the Month of PHP Bugs, this is not actually the case. According to Esser, the original fix was not only malfunctional, but more or less even nonsense, since it only pushed the funda…

McAfee: Yahoo search most ‘risky’

Out of the top five search engines, Yahoo returns the riskiest sites for users, according to security vendor McAfee. In research published on Monday by McAfee SiteAdvisor, 5.4 percent of Yahoo searches returned links to “risky” internet sites. AOL was found to be the safest of the top five, with 2.9 percent of sites. According to McAfee SiteAdvisor, Yahoo returned the most results rated “red” or “yellow”. …

Microsoft tells hackers how to take apart its IIS

MICROSOFT IS showing all comers how to hack into its Internet Information Server and is not giving any hints how to work around the problem. The Vole says an exploit, which was discovered on December 15, 2006, and made public at the end of May, is actually a feature. Apparently versions 5.x allow bypass of basic authentication by using the “hit highlight” feature. The hit-highlighting feature can be used by an unauthorised user to nic…

Browser bugs hit Firefox and IE7

Security researchers have warned of new vulnerabilities in Mozilla’s Firefox and Microsoft’s Internet Explorer. In a posting to the Full Disclosure mailing list, security researcher Michal Zalewski outlined two vulnerabilities in each of the popular browsers. The vulnerabilities could allow attackers to overwrite the URL bar, or steal user data and remotely download and execute code.
A Microsoft spokesperson told www.vnunet.com that t…
