Internet Security Online

Imagine this: A reputable security company releases an eternally-free, “enterprise-class,” anti-malware engine that doesn’t waste CPU cycles, or otherwise molest your machine. Windows users rejoice that they can surf without fear of PTM (Porn-Transmitted Malware), and they line up to buy the company’s other, for-cash, products. A national holiday is named in honor of the “firm that saved the internet.”

That’s the dream that Comodo CEO Melih Abdulhayoglu is trying to fulfill with Comodo Anti-Virus V1.0, a free anti-malware offering designed to slot-in with Comodo’s other gratis goods, like VerificationEngine, Comodo Personal Firewall and iVault.

Researchers from Microsoft’s anti-malware engineering team are working on an automated way to sort through the thousands of malware families and variants attacking Windows computers.

The company unveiled its plans at the EICAR (European Institute for Computer Anti-Virus Research) conference in Hamburg, Germany, proposing the use of distance measure and machine learning technologies to come up with automatic classification of viruses, Trojans, spyware, rootkits and other malicious software programs.

The FIFA World Cup 2006 tournament won’t get underway in Germany until early June, but computer virus writers are already attempting to cash in on the planet’s most popular sporting event with viruses aimed at deceiving eager soccer fans.

Researchers at UK-based Sophos released notification of a new attack that infects Microsoft Excel files and has been disguised as a spreadsheet charting the national teams participating in the World Cup.

Anti-virus software firm McAfee has identified Mac OS X as a growing target for malware attacks.

According to McAfee Avert Labs, Mac platform vulnerabilities increased by 228 per cent in the past three years alone, from 45 found in 2003 to 143 in 2005. McAfee didn’t say how many of these bugs were critical, preferring to let the numbers speak for themselves.

Anti-virus firms at Infosec say they expect Vista and IE7 to change nothing for the industry. Microsoft used its presence at the show to laud the security features they’ve been busy building in the the upcoming software.

In particular, Microsoft was eager to talk about how Vista will finally jettison the need to run Windows as an administrator most of the time.

I got a spam this morning with a subject line of “yahoo send you postcard” from “postcard”. Of course all the alarms went off in my head, but there was no attachment and I have a nice little freeware app called PocketKnife Peek that lets you preview an email in plain text, view the html source, the headers and attachments without opening the email. (Minor rant — why doesn’t Outlook 2003 have that feature?!)

News Analysis: While larger security applications vendors are thriving, some of their smaller rivals appear to be diving. Analysts say mergers across the industry may be around the bend.

Increased demand for security suites and too many anti-virus vendors could create a good brew for consolidation, said industry watchers.

Although the number of malicious threats against the open-source Linux operating system doubled in 2005 over the previous year, a security company said Friday, it’s users of Apple Computer’s Mac OS X who should be afraid of the future.

Moscow-based Kaspersky Labs on Friday released the results of analyses of its malware database, and said that in 2005, it spotted 863 pieces of malware targeting Linux, more than twice 2004’s final count of 422.

APRIL 20, 2006 (COMPUTERWORLD) - When the Indiana Department of Education began installing PCs running Linux in schools last year, it installed open-source antivirus software on servers to scan incoming e-mail. But it didn’t bother installing antivirus software on the desktop computers.

Read more: Linux desktop growth could spur new malware activity

Incidence of cyber-blackmail attempts rose during the first three months of this year. Malicious hackers are moving away from ’stealth use’ of infected computers - stealing personal data, using infected computers as part of zombie networks - to direct blackmailing of victims, according to a new report from Kaspersky Lab.

Read more: Virus writers get into cyber-extortion