NETGEAR ProSecure TM Security Blog tag:prosecure.netgear.com,2009-01-23:/community/security-blog//1 2009-01-26T19:16:56Z Movable Type 4.23-en No Ordinary Kid tag:prosecure.netgear.com,2009:/community/security-blog//1.5 2009-01-25T22:41:50Z 2009-01-26T19:16:56Z 2 Pete worm.png
By now you're probably aware of the latest and greatest from the malware underworld. The Kido worm (officially named as Net-Worm.Win32.Kido, aka Downadup, Conflicker) is spreading like wildfire. It has taken all but three months to infect over 9.5 million desktops worldwide.  I'm not going to go into detail as to what the worm does (you can read about it HERE and HERE), but rather comment briefly at how well thought out and designed this worm is. It has all the characteristics of a little worm that will go a long way.

  • Exploit the vulnerability of a widely used OS - check.
  • Gain administrative control of that OS - check (meaning the worm has total access to your system, anything you can do, it can do and then some. Those of you still using weak passwords...*cough* password123, be very afraid).
  • Multiple methods of propagation - check (be sure to check your USB flash drives).
  • Block the victim PC from contacting well known security vendor Web sites for help - check (basically stranding your PC on an isolated island).
  • Download additional payload from random, almost impossible to trace sites - check.

We've all had our computers infected at one time or another, and most of you probably have seen one or more of the aforementioned attack characteristics before. The difference is, this one has it all, and it we all need to take extra precautions or our PCs will just become another statistic. The days of simple viruses and worms performing a single malicious task are long gone. Welcome to the age of sophisticated, highly intelligent attacks.

]]> Hello tag:prosecure.netgear.com,2009:/community/security-blog//1.3 2009-01-25T20:57:47Z 2009-01-26T07:03:58Z 1 Pete If you're reading this, you may be wondering why NETGEAR has decided to enter an already crowded network security market.  After all, there are no less than a few hundred Internet security related products all claiming to be the golden bullet that will make your security woes go away. Confusing technical jargon, performance numbers, and a vast array of licensing options get thrown around, confusing you, the reader, more than it does help you understand what you exactly need. 
Well, if you take out a few hundred thousand virus signatures (or a million!) here, limit the number of file types you scan there, and while we're at it, use open source and give it a name with a nice ring, pretty soon that high-end expensive CPU you needed suddenly becomes a $10 chip. You see vendors advertising "We use a dedicated hardware accelerator chip, SUPER HIGH THROUGHPUT!!!". What they don't tell you is that the chip can only fit 3000 malware signatures. Yes, 3000. The worst part about this is the poor customer who thinks they are protected. After all, they have all the checkbox features: Anti-malware scanning, check. Anti-spam, check. URL filtering, check. A week later they ask themselves why they are still having infected desktops, why they are still receiving spam, and why the latest celebrity nude photo site is still accessible on the company network.  Which begs the question "Is it worse to have no security, or is it worse to have a false sense of security?"

This is why the ProSecure brand was born. We believe that SMBs need and deserve better and we are going to give it to them. No, NETGEAR is historically not a security company. That is why we went out and acquired our own security team (yours truly included) and revolutionary scanning technology. That is why we have partnered with the best in the industry for malware, spam, and web filtering. We have a vision of providing the SMB with the best protection available - anywhere, with no strings attached. We've worked vigorously over the past year to bring you the STM.  The STM contains over 1.6 million malware signatures. Now compare that to 3000, or even 30,000. It utilizes a distributed spam analysis technology that polls from over 50 million sources to stop new types of spam within minutes. All of this, built on top of our "secret sauce", the NETGEAR Stream Scanning platform. Best of all, you'll be able to buy one without mortgaging half your business. As you may have noticed, ProSecure is not just marketing fluff.

]]>