Scan a QR code – Expose yourself to mobile malware

Guest post by David Maman – CTO & Founder of GreenSQL.

A single poisoned link is all it takes to expose an entire organization to a full-scale attack.

Hackers write sophisticated browser-based attacks that operate quite stealthily. Now, they’re going after our mobile phones, which are soon to be the number one way we access the web.

As QR codes have evolved, they now can offer users – and thieves – unlimited information within seconds of scanning.

And we scan them voluntarily.

We’ve already been trained to think twice before entering an unknown link we get from a stranger or even a friend, but almost anyone will scan an unknown QR code with a smartphone or a tablet, if the offer it’s embedded in looks tempting enough.

The Experiment:

Over a three-day security conference in London, I created a small poster featuring a big security company’s logo and the sentence “Just Scan to Win an iPAD.” Thousands of people walked by, no one asked where the sign came from, and no one took it down, not even a representative of the company featured on the sign.

The results: 455 people scanned the sign and browsed the link over the three days. The breakdown: 142 iPhone users, 211 Android users, 61 Blackberry, and 41 unknown browsers.

Remember, this was a conference for security professionals.

As I’m a nice guy fighting for the right side, the QR code simply linked to a web page featuring a smiley face. If I had decided to include a malware or poisoned URL attack based on multiple mobile smart phone browsers, I wonder whose phone I would have penetrated…

To make a long story short: QR codes are becoming more and more prevalent. And most of us don’t have the same AV or URL filtering technology on our phones or tablets that we have on our PCs.

The question is: Can we really fully trust the QR codes we see on the streets, in restaurants, or in ads? Regretfully, the answer is no.

Any attacker can take advantage of QR codes. And remember, unlike computers, most mobile devices do not include antivirus solutions to protect us against mobile malware.

Think before you scan.

· Does this QR code seem to come from a reliable source?

· After scanning the QR code and seeing the link, is the link really from whom it claimed to be?

· Would I click on this link if it came through my email?

Even if you miss out on the iPAD or the free ice cream cone, you’re probably better off.

Author bio:

David Maman is CTO & Founder of GreenSQL, the database security company.

About GreenSQL:

GreenSQL, the Database Security Company, delivers out-of-the-box database security solutions for small and mid-sized organizations. Started as an open source project back in 2006, GreenSQL became the no. 1 database security solution for MySQL with 100,000 users worldwide. In 2009, in response to market needs, GreenSQL LTD developed a commercial version, bringing a fresh approach to protecting databases of small- and medium-sized businesses.

GreenSQL provides database security solutions that are affordable and easy to install and maintain. GreenSQL supports Microsoft Azure, SQL Server (all versions including SQL Server 2012), MySQL and PostgreSQL.

Google Gives Users The Finger One More Time

The Internet is one kickass place – survey after survey continue to show that cybercriminals are picking off unaware/undereducated users, as if they were shooting fish in a barrel. And Google, the “Do No Evil” company has just made it easier for the bad guys to take aim at you, and me. Read on.

As I reported in March of last year – Search Engine Results – More Malware Surprises Than Ever!

Cyber criminals have bumped up the level of search engine malware.

One in five search topics lead to malware…………

Google search results produced 38 percent of overall search engine malware.

Luckily, those users in the know – were aware that steps could be taken to mitigate the risk of an infection transmitted through a bad search engine result. The tool of choice – one I have long recommended to regular readers here – has been WOT (Web of Trust).

WOT, one of the most downloaded Firefox Add-ons at the Mozilla add-on site, (also compatible with Internet Explorer and Chrome), is a free Internet Browser resource which  investigates web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams – helping you avoid unsafe web sites.

For example, here’s a Google search in which WOT indicates which sites are safe. Notice the unsafe (red) sites, in the Google ads!

You can now scratch the reputation icon associated with the Google ads shown in the previous screen capture. Here’s the bad news. Google has reversed course, and no longer (as of April 13) allows a reputation assessment icon (in other words – a SAFETY assessment icon), to be displayed on Google sponsored ads.

According to WOT – “Due to Google’s policy change, WOT and some other similar tools can no longer show reputations for sponsored links on Google’s search results, or elsewhere on Google ads.”

In the following screen capture (taken today), you’ll notice WOT’s reputation icon (the green circle), attached to generic search results. You’ll also notice, on the TigerDirect (a Google ad), a reputation assessment is no longer available.

In my view, Google can take its “Do No Evil” motto, and “shove it where the sun don’t shine”. No matter the reasoning behind this move – the net result is, Internet surfers are at more risk than they were last week. Tell me that’s not EVIL!

A big “thank you” to regular reader Michael F. for the heads up.

Who’s Phoning Home On Your Internet Connection? Find Out With CurrPorts and, Process and Port Analyzer

There’s not much point (from a cybercriminal’s perspective), in infecting a computer with malware unless the information which it’s been designed to capture, ends up in the nasty hands of the criminal.

Generally speaking then, it’s reasonable to say that the most important function of malware (again, from a cybercriminals perspective) is to “phone home” with the information it’s been designed to steal. It’s hardly surprising that much of the malware infecting the Internet does just that.

You can, if you like, trust that your AV solution will tip you off to any nasty behavior occurring in the background. But, as a follower of  the “better safe than sorry” school of thought, trusting in any AV solution to safeguard my systems in all instances, just doesn’t compute with me. There are no perfect AV solutions.

All to often, “new” malware has already rampaged through the Internet (despite the best AV providers have to offer), before average users become aware. As a result, I’ve long made it a practice to monitor my open ports and Internet connections frequently, throughout a browsing session.

At first glance you might think port checking is time consuming and not worth the effort. But it is worth the effort, and it’s not time consuming – it often takes no more than a few seconds. More to the point, in my view, it is a critical component of the layered defense approach to Internet security that regular readers of this site are familiar with.

There are a number of free real-time port analyzers available for download, and the following is a brief description of each. If you are familiar and comfortable with using the Windows command structure, then you may want to try the command line utility Netstat, which displays protocol statistics and current TCP/IP connections. This utility and the process, are covered later in this article.

But first:

CurrPorts (this is the port tool I use daily), allows you to view a list of ports that are currently in use, and the application (keep in mind, that malware, for all practical purposes – is an application) that is using those ports. You can close a selected connection as well as terminating the process using it.

In addition, you can export all, or selected items, to an HTML or text report. Additional information includes the local port name, local/remote IP address, highlighted status changes and more.

Shown in this screen capture – Browser is not running. No remote connections. Looks like I’m safe.

Shown in this screen capture – Browser is running. Thirty remote connections, all of which are legitimate.

Fast Facts:

View current active ports and their starting applications

Close selected connections and processes

Save a text/ HTML report

Info on local port name, local/remote IP address, highlighted status changes

Download at: NirSoft (you’ll need to cursor down the page to the download link).

Next up:

Process and Port Analyzer is a real time process, port and network connections analyzer which will allow you to find which processes are using which ports. A good little utility that does what it says it will do.

Fast Facts:

View currently running processes along with the full path and file which started it

View the active TCP Listeners and the processes using them

View the active TCP and UDP connections along with Process ID

Double click on a process to view the list of DLL’s

Download at: http://sourceforge.net

Netstat:

Windows includes a command line utility which will help you determine if you have Spyware/Botware running on your system. Netstat displays protocol statistics and current TCP/IP connections.

I use this utility as a test, to ensure that the anti-malware tools and Firewall running on my systems are functioning correctly, and that there are no open outgoing connections to the Internet that I am not aware of.

How to use Netstat:

You should close all open programs before you begin the following process if you are unsure which ports/connections are normally open while you are connected to the Internet. On the other hand, if you are familiar with the ports/connections that are normally open, there is no need to close programs.

There are a number of methods that will take you to a command prompt, but the following works well.

Click Start>Run>type “cmd” – without the quotes>click OK> this will open a command box.

In Windows 8 – type “cmd” at the Metro screen.

From the command prompt, type Netstat –a (be sure to leave a space), to display all connections and listening ports.

You can obtain additional information by using the following switches.

Type Netstat -r to display the contents of the IP routing table, and any persistent routes.

The -n switch tells Netstat not to convert addresses and port numbers to names, which speeds up execution.

The Netstat -s option shows all protocol statistics.

The Netstat-p option can be used to show statistics for a specific protocol or together with the -s option to show connections only for the protocol specified.

The -e switch displays interface statistics.

Running Netstat occasionally is a prudent move, since it allows you to double check which applications are connecting to the Internet.

If you find there are application connections to the Internet, or open ports, that you are unfamiliar with, a Google search should provide answers.

Steve Gibson’s website, Shields Up, is a terrific source of information where you can test all the ports on your machine as well as testing the efficiency of your Firewall. I recommend that you take the Firewall test; you may be surprised at the results!

Babble.ly – A Free Anonymous Phone Number Service

WordPress has made it very easy to “follow” WP hosted blogs, with the inclusion of a “Follow” widget. Occasionally, I’ll take a quick peek at a new follower’s Gravatar profile simply out of curiosity. Far too often, these profiles list a personal telephone number.

Here’s a recent example, with the telephone number blacked out for obvious reasons.

There may be a good reason why this person has chosen to post his telephone number openly on the Internet – but, I can’t think of one that satisfies the most basic of privacy considerations.

It’s not as if there aren’t solutions to freely posting a contact telephone number – without compromising a “real” telephone number – there are. One such solution, and a free solution at that, is offered by Babble.ly.

Rather than focus on the single issue illustrated by the example I’ve laid out above – I’ll rerun last year’s article on Babble.ly. instead. This article provides an overview of how Babble.ly works, and how you might benefit from this free service.

Originally posted January 26, 2011

Privacy is a major issue for most people who use the Internet; particularly those who use web based listing service such as eBay, Craigslist, and online dating services. Not surprisingly, to interact with these services, participants need to provide a contact phone number.

Not all participants feel comfortable in providing their home, business, or cell phone numbers to unknown parties that can conceivably place them at risk. So, how can you address this challenge, if you fit into this category?

Luckily there are a number of free services that offer solutions to this problem. The new kid on the block is babble.ly – currently in Beta. Babble.ly (currently in Beta  provides a connection service, by way of a URL, which you can post – instead of your actual phone number.

Those with access to this unique URL can call you – with Babble.ly acting as an intermediary which effectively protects your real phone number, as well as the phone number of the caller.

In testing, the process went smoothly and the step by step instructions were clear and very easy to follow.

First, I entered my phone number. The number in the following graphic is a “dummy” number. I did, in fact, enter my real number. After which, I pushed the “Create Link” button.

Verifying my number (as per the instructions), prompted a call from the service …….

It was a simple matter to enter the required verification code from my handset.

Finally, I’ve got my link.

Clicking on the link you have provided the recipient (which I did), will open the following self explanatory screen.

In testing, the call completed flawlessly.

Fast facts:

Easy – Get a free disposable link for your phone number. Post it to Facebook, Twitter, forums, dating sites, anywhere you want!

Private – When the link is clicked, babble.ly will connect your call. Your number always remains private. Don’t want to talk now? Reject the call!

Customizable – Keep the link as long as you want. Done with the link? Revoke it. Log in, or call 415-325-2003 for our automated system.

If you’re looking for a free, safe solution, as an alternative to posting your phone number anywhere on the Internet, Babble.ly should appeal to you.

Note: Calls are limited to 10 minutes and, to U.S. and Canadian numbers during the beta.

Connect with Babble.ly – here.

Way To Go WOT! – Now Protecting 30 Million Users

The Internet is one kickass place – survey after survey continue to show that cybercriminals are picking off unaware/undereducated users, as if they were shooting fish in a barrel.

It’s hardly surprising then, that an enormous industry (no, not big, not large – but, enormous) has developed, based on the principal that technology can act as a counterfoil  to the most nefarious cyber criminal schemes. Criminal schemes which are, after all, technology driven.

I’ll leave it to you to decide if this has been an effective solution.

No matter the side you come down on regarding this complex issue, dancing around naked (so to speak ) on the Internet – that is, without adequate Browser protection, is akin to fumbling and stumbling through the toughest neighborhood in your area – after dark.

Internet security starts with the Web Browser (it does not end there – but, one step at a time), and WOT (Web of Trust, which passed the 30 million user mark yesterday – January 9, 2011), substantially reduces the risk exposure that comes with wandering through the increasingly risky neighborhood that the Internet has become.

Based on the way that I surf the Web, there’s no contest as to which of the 17 add-ons I have installed on Firefox, is most important to my piece of mind. The hands down winner – the single most important add-on for my style of surfing is WOT (Web of Trust).

Sure, that’s a pretty bold statement – but, since I frequently hear from readers who, after installing WOT on their computer systems, feel reassured that they are safer than ever before, and who express a renewed sense of confidence, and  a new level of enthusiasm, while surfing the Internet, I’ll go with it.

If you’re not yet a WOT user, read the following in-depth review – you may reconsider.

What is WOT?

WOT, one of the most downloaded Firefox Add-ons at the Mozilla add-on site, (also compatible with Internet Explorer and Chrome), is a free Internet Browser resource which  investigates web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams – helping you avoid unsafe web sites.

For example, here’s a Google search in which WOT indicates which sites are safe. Notice the unsafe (red) sites, in the Google ads!

Take a look at what happens if, in fact, you do end up on an unsafe web site. WOT’s dropdown warning curtain blocks access to the site until you determine otherwise.

WOT operates in a unique fashion in order to offer active protection to the Internet user community. It stands out from the crowd of similar applications, by soliciting the opinions of users/members whose views on web site safety are incorporated into the overall site safety rating. According to WOT, the user community now has reputation data on over 35 million sites worldwide.

The shared information on a site’s reputation includes trustworthiness, vendor reliability, privacy, and child safety. As well, in order to achieve maximum security coverage, WOT uses thousands of trusted sources including phishing site listings, to keep users protected against rapidly spreading threats.

WOT integrates seamlessly with search engine results from popular search engines including Google, Yahoo, MSN and other popular sites, and provides impressive protection against Internet predators.

WOT recently added the top three web-based email services – Google Gmail, Windows Live Hotmail and Yahoo! Mail, to its free security protection. You can now feel more confident and secure, since WOT checks links embedded in your email, and warns you of dangerous web sites so that you can avoid spyware, spam, phishing, identity theft and other Internet scams; before you click on dangerous embedded links.

How WOT works:

The Browser add-on icon, displays a color rating for each site you visit, indicating whether a site is safe to use, should be used with caution, or avoided entirely.

Using traffic light colors, (green, yellow, and red), WOT leaves you in no doubt as to the safety rating of a web site. An impressive feature of WOT is the dropdown transparent warning curtain, shown earlier, triggered on visiting a dangerous site.

Recognizing that up to ten percent of Internet users are at a disadvantage however, due to colorblindness, and cannot rely on an Internet safety system based on color coding, the Web of Trust development team recently released an adaptive version of WOT. This version incorporates equivalent alternative information, through assistive or adaptive technology, for colorblind users.

This colorblind accessible application provides the same critical benefits to those individuals who have to contend with visual impairments, as it has to those of us who have come to rely on WOT as a major defense against the pervasive hazards we encounter on the Internet.

Quick facts – WOT checks the following on each web site visited:

Trustworthiness

Vendor reliability

Privacy

Child Safety

More quick facts:

Ratings for over 30 million websites

The WOT browser add-on is light and updates automatically

WOT rating icons appear beside search results in Google, Yahoo!, Wikipedia, Gmail, etc.

Settings can be customized to better protect your family

WOT Security Scorecard shows rating details and user comments

Works with Internet Explorer, Firefox and Chrome

Interface supports English, French, German, Spanish, Italian, Russian, Polish, Portuguese, Swedish and Finnish.

System requirements: Windows (all), Mac OS X, Linux

Download at: MyWot

Surf more securely by installing this browser add-on which will provide you with an in-depth site analysis based on real world results. Keep in mind however, that you are your own best protection. Stop · Think · Click.

BitDefender Safego – A Free Social Network Cyber Criminal Defense System

No matter my own thoughts on Facebook and Twitter (which are not entirely positive), it’s impossible to ignore the impact social networking has had on how we communicate.

It’s hardly surprising then, that Facebook and Twitter, and sites like them, have proven to be the perfect channel for cyber criminals to “communicate” with potential victims.

In the past hour alone, over 25,000 articles dealing with Facebook malware have been posted to the Net – as the following screen capture indicates. Ponder on that – 25,000 articles dealing with Facebook malware in one hour! That number certainly reaches the threshold of what I consider an epidemic.

Just for a reference point – the “any time” total, using the same search string, is 44 Million results.

My usual skeptical observation:

You might think, given those numbers, that a typical social network user would take minimum precautions to ensure that their privacy, and computer system security, are protected against compromise by employing a sound safety strategy. But no, typical social network users’ are #####, ********, !!!!!!!!!! , ………… Unfortunately, given that this is a G rated blog, I’ll have to leave the expletives deleted.

Still, for the sake of fairness, I will note – cyber criminal craftiness should not be underestimated. The video below is just one example of how an unaware user can be misled; leading to a perfect storm of malware issues.

Click on the following graphic to play the video.

There is no perfect safety solution in an open system like Facebook, or Twitter – but, there are steps that can be taken to reduce the likelihood that cyber criminals will successfully disrupt your piece of mind.

A few months ago, Bitdefender released a free application – Safego for Facebook- which has just been updated to offer the same level of protection to Twitter users. If you are a Twitter or Facebook users, I urge you to checkout this free application.

From the Bitdefender site:

Bitdefender Safego for Facebook:

Using in-the-cloud scanning, Bitdefender Safego protects your social network account from all sorts of e-trouble: scams, spam, malware and private data exposure. But, most importantly, Safego keeps your online friends safe and …close.

By installing the BitDefender Safego app, users will receive:

Privacy protection – users are warned when they should modify their Facebook privacy settings so personal information isn’t exposed

Automatic scanning –users simply press the “scan now” button to get a snapshot of their Facebook security status

24/7 protection – Facebook accounts are protected even when users are not logged in to Facebook

Protection for friends – users will have the ability to warn their friends about infected links in their Facebook accounts

Bitdefender Safego for Twitter:

Initially launched for Facebook users, Bitdefender Safego is now ready to protect Twitter accounts as well. Bitdefender Safego uses the Bitdefender antimalware and antiphishing engines to scan URLs in the cloud.

Bitdefender Safego keeps your Twitter account safe by:

Checking unknown users before you follow them
Checking the accounts you are following
Scanning your direct messages for spam, suspicious links or highjacking attempts.

See BitDefender Safego in action on YouTube.

BitDefender Safego dashboard shown below.

For additional information on BitDefender Safego, please visit the BitDefender Safego app page on Facebook, or the app page on Twitter.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Secure Your Online Banking With A Linux Live CD

While connected to the Internet, just like you, I face exposure to Trojans, spyware, viruses, phishing scams, identity theft, scam artists, schemers and cyber crooks lurking in the shadows, just waiting to make me a victim. Even so, the odds of me picking up a malware infection, or being scammed, are low  – not 0% but…… Am I just lucky, or is it more than that?

Well, to some extent I might be lucky – but, it takes much more than luck to stay safe on the Internet. For me – it really boils down to prevention. Preventing cybercriminals from getting a foothold by being vigilant and adhering scrupulously to fundamental security precautions, including –

A fully patched operating system.

A robust firewall.

Automatically updated anti-virus and anti-spyware software

An aggressive HIPS (host intrusion prevention system).

Increased Internet Browser protection through selected add-ons.

and, most importantly never forgetting to – Stop. Think. Click.

Despite all those security precautions though, there’s one connected activity that still concerns me – online banking. Regardless of the fact that I choose my Internet banking provider based partially on its low profile (four branches as opposed to the usual 3,000/5,000 branches common in Canadian banking), I’m not entirely relying on this low profile as a guarantee that cybercriminals will not target my provider.

The inescapable fact remains; I am my own best protection while conducting financial transactions on the Internet. Frankly, I’m not convinced that financial institutions are where they need to be when it comes to protecting their online customers.

Despite my best efforts it’s possible (though unlikely), that malicious code may be installed on my computer – ready to pounce on my banking user account names, and passwords. Which is why, I have long made it a practice to conduct my financial affairs on the Internet via a self-booting Linux Live CD running Firefox. Since a Linux Live CD is read-only media, the environment (running entirely in RAM), will be much more secure than Windows.

Yes, I admit that it’s a pain to shut down and reboot just to complete an online financial transaction but, I’d rather be safe than sorry – I’m into an ounce of prevention. Since the majority of malware is Windows specific, banking online through a Linux Live CD is my ounce of prevention.

Recommended Linux Live CDs:

Lightweight Portable Security (LPS) – A Linux distro from the US Department of Defense.

Ubuntu – fast, secure and easy-to-use.

Puppy Linux – A complete operating system with suite of GUI apps, only about 70 – 140MB, and boots directly off the CD.

KNOPPIX – Live Linux file system on CD.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

ClearCloud DNS Service Bites The Dust – Pick Up The Slack With Norton DNS

Occasionally, when I’m stuck for time, I’ll post an edited version of an earlier article. In choosing an appropriate article, I try to focus on a free application or service that has real value, but is often underappreciated. More and more often though, I’m finding that a free application I reviewed is no longer free, or the free service I recommended, no longer exists.

Another one bites the dust.

Regular reader Georg L., has just notified me that ClearCloud DNS, a free DNS alternative (reviewed here September 5, 2010) which prevented users from visiting sites identified as harboring malware exploits, will be closing the curtain – effective September 1, 2011.

If you are currently using ClearCloud DNS, you will need to reconfigure your network connection prior to September 1, so that your Internet connectivity is not interrupted. You can learn how to remove ClearCloud DNS from your computer by clicking here.

If you’re convinced that an alternative DNS service has value, and you wish to continue to harden your system by substituting your ISP provided DNS service, with a more secure alternative – you have a number of choices to consider, including – Norton DNS, with Norton Safe Web.

Benefits of running with Norton DNS:

Malware Site Blocking – Automatically blocks known dangerous and infected Web sites. Provides a complete overview of the threats found so you know why a site is blocked.

Web Content Filtering – Lets you block Web sites that contain content that you think is inappropriate or dangerous. You can choose from over 45 different categories of content to block and specify individual sites to block.

Here’s an example of Norton DNS in action following my clicking on a spam comment link. 

Further investigation of the Threat Report, reveals the following.

Pretty scary stuff, I think you’ll agree.

You can install Norton DNS either by download and running the installer or, if you want to have a bit of fun – you can choose to install manually. At first glance, you may think this is complicated when it fact, it’s quite easy. So, give it a try, and don’t be nervous. 

The screen captures below, reflect the changes I made.

Manual Setup for Windows:

Open the Control Panel from your Start menu.

Click Network Connections and choose your current connection.

On the General tab of the Connection Status screen, click Properties.

On the General tab of Connection Properties, scroll down and select Internet Protocol (TCP/IP), then click Properties.

On the General tab of Internet Protocol (TCP/IP) Properties, select Use the following DNS server addresses, then enter the two NortonDNS IP addresses 198.153.192.1 and 198.153.194.1.

Click OK until each window is closed. You are now using NortonDNS.

Once installation is complete, you will be presented with the following confirmation screen.

To ensure that you have in fact, been successful in making the change, visit this Norton page. The page will let you know if you are currently using Norton DNS.

or

System requirements: Windows XP (32-bit) with Service Pack 2 or later, Vista (32-bit and 64-bit) Win 7 (32-bit and 64-bit).

Download at: Norton DNS

Note: Uninstalling or canceling Norton DNS is easy – simply uninstall it. The process will revert your DNS settings to their previous values.

Additional free alternatives include OpenDNS, and Google Public DNS.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

NEW – Panda Cloud Antivirus 1.5 Released

Panda Cloud Antivirus 1.5, Panda Security’s newest release (June 20, 2011), of it’s popular cloud-based antimalware application, should be even more effective at keeping the bad guys at bay with it’s newest enhanced features.

New features include – improved scanning speeds, less CPU consumption, advanced configuration options for exclusions of files based on file extensions, and a new activity monitor which shows information such as scanned file details, and previous viruses detected.

Panda Security obviously pays attention to its users recommendations for improved product features, since a number of these new features were suggested by the user community.

Panda Cloud Antivirus is based on Collective Intelligence, a system for detecting and disinfecting viruses and other threats that feeds off the knowledge shared by millions of users. The computers that are part of the Panda Community – instantly share and benefit from all the information stored in the cloud.

Testing anti-malware applications takes considerable time in order to get to the heart of the matter – does an application work in the “real world?”

Will the application do what an average user expects – does it block malware effectively and efficiently? Particularly new, or emerging, malware threats.

Is the interface crafted in such a way that an average user doesn’t need to digest an instruction manual in order to navigate the application?

Is the application capable of providing adequate protection without stressing system resources?

I’ve been running Panda Cloud Antivirus, on a secondary system, since April 2009, and in this extensive testing, Panda Cloud Antivirus has met, or exceeded, all of these requirements. So, I’m looking forward to giving this new release a workout.

Installation:

Pay particular attention at the Install screen. Once again, you’ll be asked to accept a Toolbar and a change in your Homepage – annoying as hell. As well, on this screen, you can choose your language.

Panda is obviously convinced that the “more is less” GUI approach, is suitable for most users. Kudos – I couldn’t agree more.

The optimized scan screen.

Scan time: under 5 minutes – 19,873 files.

The settings menu is accessed via the tool icon – as shown at the “hand icon” in the above screen shot. I found this “hideaway” a little awkward.

Despite an abundance of settings you’ll find some settings are only available in the Pro version.

At less than $30 for the one year Pro Edition license, you might consider jumping up to this version. Frankly though, I’m no fan of one year licenses.

Not when one considers that a lifetime license for Malwarebytes’ Anti-Malware and SUPERAntiSpyware, both of which are outstanding applications, can be purchased for less than $30 – considerably less when on sale.

Fast facts:

Light – Only works where necessary. It’s so light you won’t even notice it.

Easy – Don’t worry about complicated decisions ever again. Panda Cloud Antivirus will make the best decisions for you to keep your PC protected.

Secure – Panda Cloud Antivirus is based on Collective Intelligence, a system that continuously collects and analyzes viruses and other threats gathered from the community of millions of Panda users around the world.

Free – No tricks! Panda Cloud Antivirus has a free version that protects you against viruses and malicious websites.

Note: Panda’s Collective Intelligence servers have analyzed 175,569,053  (and counting) viruses, and known goodware.

System requirements: Windows 7 32-bit, Windows 7 64-bit, Windows Vista 32-bit, Windows Vista 64-bit, Windows XP 32-bit,  Windows XP 64-bit.

Panda Cloud Antivirus is available in 20 languages.

Download at: Panda Security

Backed by more than two years experience running Panda Cloud Antivirus in various editions, I have no hesitation in recommending Panda Cloud Antivirus 1.5 as a front line antivirus application.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

250 Zemana AntiLogger License Giveaway At MalwareTips.com

Regular readers may remember, that I thoroughly tested Zemana AntiLogger a year or so ago. Subsequently, through the generosity of Zemana we were able to offer two thousands plus, free licenses to readers.

During the testing period I ran a series of Anti-Keylogger Tests, including tests for web cam penetration. All test methods were defeated by Zemana AntiLogger.

A quick recap of Zemana AntiLogger’s capabilities.

Secure your Internet banking and financial transactions

Protect information in emails and Instant Messages

Protect keystrokes from spyware

Protect all screen images

Webcam Logger protection

System Defense

No need to download latest virus signatures

No need to know or detect the malware’s signature

No need to wait for updates from a virus lab

No need to scan files

Proactively looks for suspicious activity

Catches not just the usual suspects, but also sophisticated “zero day” malware

Prevents theft of data via secure connections (HTTPS / SSL)

Does not slow down your PC

Easy to download, install and use

Future-proof

This application, which is arguably the best Antikeylogger application on the market, is not freeware, but you may download a 15 day trial version at: Zemana

Better yet, take a run over to MalwareTips.com, read the article carefully, and follow the instructions to obtain a new 12 month license.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.