
Security

November 3, 2009 10:32 AM PST

Malwarebytes is accusing China-based computer security firm IObit of intellectual property theft, but IObit denied the allegations and said there were problems with its malware submission site.

Malwarebytes claims IObit stole from its database of signatures of malicious applications that its software uses for detecting malware on customer computers.

Malwarebytes discovered that IObit's Security 360 free anti-malware software was flagging a specific key generator piece of code for Malwarebytes' Anti-Malware software and using the same naming scheme, which includes the phrase "Don't Steal Our Software," according to a blog post on the Malwarebytes.org site.

This screen shot shows IObit's product uses the same naming scheme as Malwarebytes.org.

(Credit: Malwarebytes.org)

After finding additional evidence, Malwarebytes conducted a test and added fake definitions for a fake rogue application to its database of malware. Within two weeks, IObit was detecting the fake files and using "almost exactly" the fake names, Malwarebytes said.

"We soon became convinced that this was not a mistake, it was not a coincidence, it was not an isolated event, and it persisted presently in their current database," the blog post says. "They are using both our database and our database format exactly."

Malwarebytes, which said it uncovered evidence that IObit may have stolen proprietary databases of other security vendors as well, said it plans to pursue legal action against IObit.

IObit denied the allegations, saying it was a "mistake," and accused Malwarebytes of spreading "malicious rumors."

IObit said it would soon release a legal letter and an explanation of the technical aspects that proves its case. In the meantime, IObit temporarily deleted all disputed items in its database to avoid "dispute and possible problems" and disabled its malware submission page, the company said in a blog post.

Basically, someone submitted samples with the name used by another vendor, the post says.

"Unfortunately, IObit database analyzer carelessly used the names provided by the submission. This mistake can be understood because it is very normal--Many enthusiastic IObit users find there are samples missed by IObit Security 360 but detected by other anti-malware products, then they would submit these samples to us and provide names defined by other anti-malware vendors."

"There are holes and problems with IObit malware submission procedure and database management," the post concluded.

Malwarebytes found that IObit's product detected the fake malware Malwarebytes put in its database as a test.

(Credit: Malwarebytes.org)

Originally posted at InSecurity Complex
November 3, 2009 12:01 AM PST
The security industry consolidation continues.

Web and e-mail security provider M86 Security was set to announce on Tuesday the acquisition of Finjan.

Finjan brings to the table a secure Web gateway product and software-as-a-service solutions, M86 said in a statement. Under the merger, which is effective immediately, Finjan will maintain a development center and operations in Netanya, Israel.

U.S.-based Finjan SW will remain an independent company to retain its malware detection intellectual property, according to a statement.

M86 was created a year ago with the merger of Marshal and 8e6. In March 2009, the combined company acquired behavioral malware detection company Avinti.

Last week, Cisco Systems said it was buying Web-based security software company ScanSafe. And earlier in October, Barracuda Networks, which makes security appliances, announced its purchase of Purewire, a Web security-as-a-service provider.

Meanwhile, vulnerability management provider Rapid7 recently acquired Metasploit, an open-source penetration testing framework and exploit database.

Originally posted at InSecurity Complex
October 27, 2009 8:54 AM PDT

Nokia and SAP are forming a new company that will use their technologies to help manufacturers battle counterfeit products.

Announced Tuesday at SAP TechEd in Vienna, Original1 will offer services to better authenticate branded products and protect them from counterfeiting, the companies said in a statement.

Offering software as a service (SaaS), Original1 will draw on a combination of SAP's supply-chain technology and Nokia's mobile authentication software. Nokia and SAP will each own 40 percent of the business, while German firm Giesecke & Devrient (G&D) will own the remaining 20 percent and add the security and encryption component.

The service will target products that are especially vulnerable to counterfeiting, such as pharmaceuticals and luxury goods, G&D spokesman Stefan Waldenmaier said. Other items, such as auto parts and software, could also benefit from the service, he said.

At this point, the service can only work with physical products, not electronic items. So, for example, Original1 could protect boxed software but not downloadable media.

Here's how it works: branded products will be electronically tagged with smart, tamper-proof barcodes, allowing the manufacturer to track them using a Nokia smartphone as they move from factory to store shelf. A retailer can then check the product information against a database and determine whether the data is coming from a legitimate product.

Located in Frankfurt, Germany, Original1 will be run by Claudia Alsdorf, currently the vice president of SAP Research.

"Counterfeiting is a worldwide problem that is increasing and affecting many successful companies in all industries," Alsdorf said in a statement. "Today, more than ever, companies need to combat counterfeiting before it's too late, when their company livelihood is at stake."

SAP has already run pilot tests of the new service with some of its customers and said the testing has been successful.

Nokia and SAP have a history of working together on mobile projects. Nokia is an SAP global technology partner, while SAP is a Nokia Enterprise Zone member.

Subject to regulatory approval, Original1 is expected to open its doors before year's end.


October 27, 2009 8:26 AM PDT

Cisco Systems said Tuesday it plans to buy privately held Web-based security software company ScanSafe for about $183 million.

The all-cash deal, which also includes retention-based incentives, is expected to close in Cisco's fiscal second quarter, which ends in January 2010.

ScanSafe is a cloud-based software service that allows customers to license the application on demand. Cloud-based services help customers save on costs, because they don't have to buy licenses to software and manage the software applications themselves.

The ScanSafe technology will help Cisco expand on capabilities it added when it bought IronPort in 2007, the company said. Cisco also plans to integrate ScanSafe's service with its AnyConnect VPN Client to provide a secure mobility solution. And Cisco will use ScanSafe's data centers to provide new cloud security services.

After a lull, Cisco has stepped up its acquisitions. This is the third acquisition the company has announced this month. Two weeks ago it said it would buy wireless equipment maker Starent Networks for $2.9 billion. And at the beginning of the month, it said it would buy Norwegian video conference equipment maker Tandberg for $3 billion. CEO John Chambers has said the company is looking for even more acquisitions.

Originally posted at Signal Strength
October 26, 2009 1:15 PM PDT

(Credit: U.S. Navy)

The U.S. Department of Defense ban on USB thumb drives instated nearly a year ago will eventually be partially lifted to allow authorized people to use official flash drives for mission-critical functions, according to a top military official.

"In the future, we expect that a government-owned and procured USB flash media, that is uniquely and electronically identifiable for use in support of mission-essential functions on DoD networks, will be permitted for use by authorized individuals," Robert Carey, chief information officer for the Department of the Navy, wrote in his blog recently.

"We are working on upgraded antivirus and malware detection, alert and eradication capabilities, as well as implementation of controls to deny network access to unauthorized USB flash media and revised operating procedures for scanning and cleaning flash media," he wrote. "The bottom line is, the days of using personally owned flash media or using flash media collected at conferences or trade shows are long gone."

Thumb drives, CDs, and other removable storage devices were banned last November after military computers became infected with a worm that was partially spread by thumb drives.

The thumb drive ban has been inconvenient for military personnel who used them for carrying tech manuals, medical records of wounded troops, mission plans, and other types of important information, according to DefenseNews.

Originally posted at InSecurity Complex
October 21, 2009 5:18 PM PDT

Microsoft on Wednesday said it is fixing a bug in Bing that allowed spammers to bypass spam filters and distribute malicious links.

Researchers at Webroot Software discovered a spam campaign earlier this week that used the search engine's own redirection mechanism and a link-shrinking technique to send people to spam Web pages, according to a post on the Webroot threat blog.

The problem is with how Bing formats links in RSS feeds. The redirect from Bing to the spam site is not obfuscated, allowing scammers to append anything to the end of the Bing redirect URL and thus trick spam filters, said Andrew Brandt, a threat researcher at Webroot.

In the specific case, Webroot examined an RSS feed in Bing with a link that bounced through MySpace's link shrinker and landed on the spam Web page that looked like a news site customized to the user's geolocation and which offered vague work-from-home jobs.

Asked for comment, a Microsoft representative said late on Wednesday: "We were testing new features to improve the search experience for our customers, and during our testing, we found a bug that was causing this issue. We are taking immediate action and expect a fix in the next 48 hours."

Meanwhile, a MySpace representative had this to say when asked for comment: "The security of our users is a top priority for MySpace. With thousands of link-shortening systems available on the Internet, similar to MySpace's MSPLinks, it is critical that sites like Bing employ security measures such as the prevention of URL redirection."

Originally posted at InSecurity Complex
October 13, 2009 2:26 PM PDT

As of 2:15 p.m. Tuesday e-mail delivery had started to return to normal for some Postini customers, although problems remained.

(Credit: Screenshot by Tom Krazit/CNET)

Some customers of Google's Postini e-mail security product experienced significant problems Tuesday, with reports of hours-long delays in e-mail delivery that are still affecting some customers.

Threads about the issue spread throughout Google's Postini forums. It seemed to begin overnight on System 7--one of several systems used by the service--and was still affecting some customers as of Tuesday afternoon, although e-mail delivery had resumed for others. Users also reported problems accessing the management consoles used to log into the Postini service, preventing them from understanding exactly what was happening.

Postini, acquired by Google in 2007, offers e-mail security services to businesses. Postini scans all e-mails directed to the networks of its customers for viruses, malware, and spam, passing along the genuine messages to the network once they have been cleared. However, Tuesday it appeared that for a significant portion of the morning, all messages for customers using System 7 were blocked before they reached their destination, and customers could not log into their accounts to see what was going wrong.

A Google representative acknowledged the e-mail delivery delays in a statement. "We're aware of an issue that's causing a delay in mail delivery for some Postini customers in the US, and are working to fix it as quickly as possible. We know how important mail is to our users, so we take issues like this very seriously, and apologize for the inconvenience. We encourage anyone having technical difficulty to visit the Postini support portal at https://www.postini.com/support/support_login.php."

It has not been a good week for the cloud. Hosted applications and services such as Postini were sure to get a second look following the debacle at Microsoft involving the Sidekick and possible data loss.

It's also another example of Google's growing pains with customer support. Google Checkout customers reported significant issues for over a month without any resolution, and angry e-mail administrators on Postini's message boards complained that Google support personnel were very difficult to reach during Tuesday's issues.

Google support technicians promised some Postini customers--who pay between $12 per user per year and $25 per user per year--that their e-mails were not lost, which is at least some good news for customers affected by the problems. But running a business without e-mail in the 21st century is a very difficult thing to do.

Originally posted at Relevant Results
October 13, 2009 5:00 AM PDT

Security appliance maker Barracuda Networks has acquired Purewire, a Web security-as-a-service provider, the companies were set to announce on Tuesday.

The acquisition gives Barracuda the SaaS offering, but also adds to its security researcher and threat detection capabilities, the company said.

The companies did not disclose terms of the deal.

Barracuda offers e-mail, Internet, Web, and instant messaging protection, much of it based on open-source software.

Purewire launched its Trust Web reputation service earlier this year.

Originally posted at InSecurity Complex
October 8, 2009 7:37 AM PDT

With security and cloud-computing both hot-button topics, Verizon Communications and McAfee are joining forces to offer customers a combination of the two.

Verizon's business unit and McAfee announced Thursday a new joint venture to sell cloud-based security products and services to large businesses and government agencies. With more companies tapping into the "cloud" to lower costs and outsource administration, McAfee and Verizon will sell a new suite of cloud-based security products, expanding on Verizon's current lineup.

Managed by Verizon, the new cloud-based services will offer an array of security products, including firewalls, intrusion prevention, anti-malware, and Secure Socket Layer (SSL) virtual private networks (VPNs).

"This strategic agreement with McAfee enables us to drive even more complete and integrated IT solutions to enterprises across the world," said Kerry Bailey, senior vice president of Verizon Business global solutions. "Our newly expanded and next-generation cloud capabilities will enable organizations to better use security as a strategic tool and business enabler."

The team-up will also allow Verizon and McAfee to tap into each other's portfolio of products and services.

Verizon will offer its customers McAfee's entire line of security software and will soon provide McAfee's PCI (Payment Card Industry) compliance services to banks and other organizations that need to secure credit card data.

The PCI services will be targeted to "Level 4" merchants--businesses that manage up to 1 million credit card transactions each year. Verizon said this business class is at the highest risk for security breaches and accounts for one-third of all credit card transactions. In April, Verizon released a report showing that more payment card records were breached in 2008 than in the previous four years combined.

McAfee's customers will now be able to contact Verizon's network of 1,200 security professionals for assistance on setting up and managing in-house security.

Finally, Verizon will help McAfee consolidate its data centers, so that McAfee can better offer 24/7 management for its own Web hosting and cloud-based services.

Verizon and McAfee will target the new products and services to small-to-medium companies, large enterprises, and government entities.

McAfee has been pushing to grow beyond the consumer market through a series of deals and acquisitions. In July, the company said it would buy MX Logic, which provides cloud-based e-mail and other services. In May, McAfee bought white-listing vendor Solidcore.

October 7, 2009 1:02 PM PDT

I'm not an employee of MySpace, but I was able to join its Facebook network.

(Credit: Facebook)

I do not work for MySpace. But my Facebook profile now says I do, thanks to what appears to be a sneaky little flaw in MySpace's recently launched e-mail client.

Professional networks on Facebook are intended to be limited to employees, and require a corporate e-mail address to which Facebook sends a confirmation e-mail to verify accuracy. But when MySpace launched MySpace Mail this summer, it made e-mail addresses with the myspace.com domain--which is also used internally for corporate e-mail--available to any members of the News Corp.-owned social network.

A reader tipped off CNET News to the hack, which requires a little bit of HTML know-how. We're not going to give detailed instructions out of the interest of MySpace employees' own security--and it looks like Facebook has put a fix in place, because when a CNET colleague used a MySpace Mail address to register around 2:40 p.m. PT on Wednesday, he was informed that the address was invalid.

See what happens?

(Credit: Facebook)

In vague terms, it looks like MySpace was aware of the fact that members might try to register for its network on Facebook, because the confirmation link to Facebook does not work in MySpace Mail, nor does copy-pasting it. Basically, it's mangled somehow. But, the tipster explained, the real link is still in the page's HTML source. And indeed, I was able to join MySpace's network on Facebook.

This does have security implications, because many Facebook members limit some of their profile data to people who went to their schools or work for the same company--Facebook first launched corporate networks in the spring of 2005. Many may display their cell phone numbers, photo albums, or home addresses only to college alumni or co-workers.

It's an issue for Facebook as well because the massive social site does have an obligation to make sure that its restricted networks don't lie fallow. If there's a change in corporate e-mail structure at a company with a Facebook network, particularly a big one, that can mean something big with regard to potentially thousands of Facebook members' security.

A MySpace representative told CNET News that the company was looking into the matter and would be able to comment soon.

This post was updated at 2:44 p.m. PT on Wednesday to note that the problem appears to have been corrected by Facebook.

Originally posted at The Social