Tag: Security

Security Websites

General Technology and Security trends:

Threat Intelligence

Microsoft Security Intelligence Report: http://www.microsoft.com/security/sir/default.aspx
Team Cymru (also has subscription service): www.team-cymru.org
FBI Cybercrime information: http://www.fbi.gov/about-us/investigate/cyber/cyber

Malware and threats:

Threat Expert: http://threatexpert.com
Microsoft Malware Protection Center: http://www.microsoft.com/security/portal/default.aspx
SANS Internet Storm Center: http://Isc.sans.edu
Symantec Threat Explorer: http://www.symantec.com/norton/security_response/threatexplorer/index.jsp
Symantec Internet Threat Report: http://www.symantec.com/business/theme.jsp?themeid=threatreport
McAfee Threat Center: http://www.mcafee.com/us/threat_center/
Metasploit Blog: https://community.rapid7.com/community/metasploit?view=blog
Security Focus: http://www.securityfocus.com/
Dshield: http://www.dshield.org/
Offensive Security’s Exploit Database: http://www.exploit-db.com/
Worldwide Observatory of Malicious Behaviors and Attack Threats (WOMBAT):
http://wombat-project.eu/246
Symantec’s Worldwide Intelligence Network Environment (WINE): http://www.
symantec.com/about/profile/universityresearch/sharing.jsp
Mandiant M-Trends: https://www.mandiant.com/resources/mandiant-reports/
Bad domains, IP addresses, and other indicators:
Malware Domain Blocklist: http://www.malwaredomains.com/
Malware Domain List: http://www.malwaredomainlist.com/
Unspam Technologies Project Honeypot: http://www.projecthoneypot.org/index.php
EXPOSURE (Exposing Malicious Domains): http://exposure.iseclab.org/
Shadowserver Foundation: http://www.shadowserver.org/wiki/

Automatic threat analyzers:

Anubis (Analyzing Unknown Binaries): http://anubis.iseclab.org/
Virustotal: http://www.virustotal.com/
Metascan online: http://www.metascan-online.com/

Threats with signatures:

IBM ISS X-Force: http://xforce.iss.net
BotHunter Internet Distribution Page: http://www.bothunter.net/
Latest Snort publicly available Snort rules (most recent rules require subscription):
http://www.snort.org/snort-rules/
Emerging Threats signature list: http://www.emergingthreats.net/
Latest Tenable Nessus plugins (requires subscription): http://www.nessus.org/
plugins/

Patches and vulnerabilities:

MITRE’s CVE: http://cve.mitre.org
NIST’s National Vulnerability Database: http://nvd.nist.gov/
US-CERT Technical Cyber Security Alerts: http://www.us-cert.gov/cas/techalerts
Microsoft Security TechCenter: http://technet.microsoft.com/en-us/security/default.aspx

GRISOFT aquires evido Networks

According to the Grisoft press release:

GRISOFT, the maker of award-winning AVG Anti-Virus, today announced the acquisition of Ewido Networks, a leading provider of innovative anti-malware solutions. This acquisition expands GRISOFT’s AVG antivirus and firewall offerings to include comprehensive malware protection, and provide its customers with the highest level of security against growing types of malicious software spreading across the Internet.

Both AVG and  ewido are two excellent tools when dealing with viruses and other malware. I wonder if this move was triggered as a result of increased competition from other vendors and especially with companies like Microsoft introducing their own antivirus suites such as Windows Onecare. Either way I hope GRISOFT continues to provide free versions of AVG and ewido.

Norton Removal Tools

If anyone else is looking for Symantec or Norton removal tools, try some of the following tools: 

  1. NoNav
     
  2. RNav2003
     
    Removing Norton AntiVirus 2003 or earlier by using the Rnav2003.exe removal utility when Add/Remove programs fails.Source: Removing Norton AntiVirus 2003 or earlier by using the Rnav2003.exe
  3. RnisUPG
     
    When you uninstalled Norton Internet Security or Norton Personal Firewall 2003 or earlier through Windows Programs list or Add/Remove Programs, the process failed. You want to use the Symantec RnisUPG removal tool to uninstall Norton Internet Security or Norton Personal Firewall versions 2003 and earlier.

    Source: Uninstalling Norton Internet Security or Personal Firewall 2003 or earlier using the RnisUPG
     
  4. SYMClean (Symantec Application Cleanup Utility)
     
    Symantec provides the SYMClean utility, SymClean.exe, to remove Norton SystemWorks files and registry entries that are not removed by the Windows Add/Remove Programs utility.
     
    Source: Introduction to SYMClean
     
  5. SymNRT
     
    The Norton uninstall tool uninstalls all Norton 2004/2005/2006 products from your computer. It also uninstalls Norton Ghost 10.0/9.0/2003.
      
    Source: Using the Norton Uninstall Tool

Symantec Removal Tools

If anyone else is looking for Symantec or Norton removal tools, try some of the following tools: 

  1. NoNav
     
  2. RNav2003
     
    Removing Norton AntiVirus 2003 or earlier by using the Rnav2003.exe removal utility when Add/Remove programs fails.Source: Removing Norton AntiVirus 2003 or earlier by using the Rnav2003.exe
  3. RnisUPG
     
    When you uninstalled Norton Internet Security or Norton Personal Firewall 2003 or earlier through Windows Programs list or Add/Remove Programs, the process failed. You want to use the Symantec RnisUPG removal tool to uninstall Norton Internet Security or Norton Personal Firewall versions 2003 and earlier.

    Source: Uninstalling Norton Internet Security or Personal Firewall 2003 or earlier using the RnisUPG
     
  4. SYMClean (Symantec Application Cleanup Utility)
     
    Symantec provides the SYMClean utility, SymClean.exe, to remove Norton SystemWorks files and registry entries that are not removed by the Windows Add/Remove Programs utility.
     
    Source: Introduction to SYMClean
     
  5. SymNRT
     
    The Norton uninstall tool uninstalls all Norton 2004/2005/2006 products from your computer. It also uninstalls Norton Ghost 10.0/9.0/2003.
      
    Source: Using the Norton Uninstall Tool

Windows OneCare

Microsoft has just announced pricing for Windows OneCare and in typical fashion has under priced most competitors by charging $49.95 for a yearly subscription. It seems ironic that you have to pay extra for getting rid of problems that should not arise in the first place. Either way, Microsoft® Windows OneCare Live will be available in June from retailers and the subscription fee covers update and provides protection for for up to three personal computers. If you want to test the software for free visit Windows OneCare to install and test the beta.