MRA Consultants has been trading for over 20 years, during this time I have built up a reputation for service, reliability and value for money. A small sample of local business I serve include  Maryport Bodyworks Centre, ABI Motor body Repairs, Taylors Joinery And Plastics, West Cumbria domestic Violence, Distington Community Centre, Macs Removals Ltd .Engineering Pipework Services Ltd, Distington club for young people, Ewanrigg Community Centre, CMS, Robin Dargavel Ltd, Lake District Coast Aquarium as well as countless numbers of individuals. Over 99% of my business comes from referrals. I was the first in the area to pioneer no fix no fee and no call out charges.

Virus Bulletin news

Multi-staged, modular Regin tool enables stealthy surveillance

Nation state likely behind campaign that goes back many years.

Few terms are misused in a security context as often as the term 'advanced', perhaps in part because the industry doesn't like to admit that most of the threats we're facing aren't particularly advanced. Yet for the 'Regin' espionage tool, which Symantec wrote about yesterday, it seems fully justified.

Regin has been used in espionage campaigns since at least 2008. It is a multi-staged threat (like Stuxnet) that uses a modular approach (like Flame), thus placing it among the most advanced threats ever detected.

The five stages of Regin. Source: Symantec.

Though the campaign has only recently been discovered, individual components of Regin have been analysed in the past - for example, F-Secure researcher Antti Tikkanen writes about how his company analysed a malicious driver belonging to the same campaign in early 2009.

Read more (5 paragraphs)

Detekt tool searches PCs for traces of surveillance spyware

Second opinion essential in circumstances under which likely victims operate.

Last week, the release of the free ' Detekt' tool was announced. Developed by Claudio Guarnieri and released in partnership with organizations including Amnesty International and the Electronic Frontier Foundation, the tool scans Windows computers for traces of government surveillance spyware.

The tool received a lot of praise from the security community, but there were also those who wondered what it would add to existing anti-virus solutions - and who pointed out that the indicators of compromise on which the tool relies can easily be bypassed by the authors of spyware. I think this criticism demonstrates a misunderstanding of the problem Detekt aims to address.

It is true that surveillance malware should be detected by anti-virus solutions, and the fact that it is written by a government should not make a difference: AV vendors have always made it clear that they wouldn't make exceptions. However, whether the malware will be detected in practice is less certain, as the spyware is usually tested to make sure it is undetected by AV products before being sold.

Read more (7 paragraphs)

Botconf 2014 preview

Many VB authors and presenters to speak at second botnet-fighting conference.

Last year, I attended the first edition of ' Botconf' in the French city of Nantes. I really enjoyed the conference, so I am looking forward to the second edition, which will take place in less than two weeks' time in Nancy, in Northeastern France.

I was also pleased to see that several of this year's Botconf speakers have either spoken at recent VB conferences or published articles through Virus Bulletin.

G Data researcher Paul Rascagnères will present a workshop on using WinDBG to analyse rootkits and is co-author of a paper on the 'Havex' RAT that will also be presented at the conference. Earlier this year, we published a paper by Paul on the 'IcoScript' RAT.

Read more (9 paragraphs)

VB2014 paper: Sweeping the IP space: the hunt for evil on the Internet

Dhia Mahjoub explains how the topology of the AS graph can be used to uncover hotspots of maliciousness.

Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the presentations. Today, we have added 'Sweeping the IP space: the hunt for evil on the Internet' by OpenDNS researcher Dhia Mahjoub.

The Internet is often described as a network of networks. These individual networks are called Autonomous Systems (AS): collections of IPv4 and IPv6 network prefixes administered by the same entity and sharing a common routing policy. Each AS is identified by an Autonomous System Number (ASN).

Together, the ASNs form the AS graph: a directed graph that links ASNs to their upstream counterparts. In his VB2014 paper, Dhia explains how this graph can be used to detect ASNs whose IP addresses host malicious content.

Read more (4 paragraphs)

Report: VB100 comparative review on Windows 8.1

40 out of 48 tested products earn VB100 award.

If you follow the security news, you may believe that all you have to worry about are nation states using zero-day vulnerabilities to infiltrate networks and computers with stealth malware.

The reality is, of course, more complicated, and if this is indeed your biggest worry, your systems are exceptionally well secured. In practice, a malicious link is easily clicked, a malicious download easily mistaken for a legitimate one, and a patch easily missed. Hence anti-virus remains as important a layer of defence as ever.

To find out which products are up to the job, John Hawes and his team tested no fewer than 48 products on Windows 8.1, the latest version of Microsoft's flagship operating system. 14 of these were classified as corporate products, with the remaining 34 designed to be used by consumers.

All corporate products, and all but eight consumer products performed well enough to achieve a VB100 award, demonstrating that, in their default state, they were capable of detecting all malware from the WildList without erroneously alerting on files from a 'clean set' of legitimate files.

Read more (6 paragraphs)

Telephone 01900516363
Visitors to this page : 7,498

Digital Solutions  for Cumbria

 

 

Mobile 07944982166