Security for free, update after 4 years

About 4 years ago, while I was working at Avira, I wrote this article for (ISC)2’s blog: Security “for free”? I wrote back then about how to cover all attack vectors for malware. I also wrote about the hidden costs, which many people tend to ignore. These costs are not acquisition costs. They are not even easily visible. I concluded that it is possible to achieve a decent degree of security without any acquisition costs. However, there are drawbacks and there are hidden maintenance costs. For those who are interested in having software that works for them and not the other way around, it is advisable to get a paid security solution that covers all the relevant attack vectors and offers a decent quality of service.

I am very proud to say that I would not change anything in that article, even though back then I could have been biased by working for Avira, one of the major players in this space. I guess that this is what makes one a professional.

Four years later

In these four years, AVG, one of the major players in the free AV field, was acquired by Avast. Malwarebytes became a major player…

Cybertalk with IT security expert Sorin Mustaca

vpnMentor has had the privilege of talking with Sorin Mustaca, a Certified IT consultant with over 15 years of experience in IT security, and author of “Improve Your Security”, a guide for the common end user that deals with the question of how to beware of cyber threats on the individual level.

By Ditsa Keren, 16/06/2016

Content

- Can you tell us a little bit about your background in IT security?
- With so many new threats and with the fast development of hacking technologies, how can an anti-virus stay up to date and protect a company from being hacked?
- What can you tell us about the recently emerging Ransomware encryption Malware attacks?
- What defenses would you recommend in the case of a ransomware attack?
- What can you tell us about the recent leak of over 32 million Twitter accounts? Why do we only see these leaks now?
- Do you recognize a specific country from which the majority of hackers operate?
- Do you see any leakage of cyber technology between military intelligence organizations and the dark net? Can you give us some examples?
- What kind of new cyber threats can we expect to see…

Classical Antivirus is dead. Long live EDR?

We recall that last year’s article in the WSJ quoted executives from antivirus pioneer Symantec declaring antivirus software “dead” and stating that the company is focusing on developing technologies that attack online threats from a different angle. I also wrote about it here:

Now the new concept has a name: Endpoint Detection and Response (EDR). Kelly Jackson Higgins, an experienced editor at Dark Reading, wrote an interesting article this week called “The Rebirth Of Endpoint Security”, in which she interviews representatives of various cybersecurity startups.

“This is clearly a pretty hot market from a VC perspective. There’s a lot of money flowing in from a lot of new startups,” says Peter Firstbrook, a vice president at Gartner. Firstbrook is tracking more than 30 vendors now in the so-called endpoint detection and response (EDR) security space, and in the past 12 months, EDR startups have raised $322 million, he says.

$322 million is a lot of money, but by far not enough to reach the tipping point where these technologies would be able to replace traditional antivirus (based on signatures and heuristics), a market worth multiple billions yearly. Krebs also wrote about it last year:

My opinion

As also expressed in the article, I think…

Is Antivirus really dead? It depends on what you call Antivirus

Every once in a while, someone or some company in the information security industry comes up and says, “antivirus is dead.” This happened again last week, when Symantec’s Brian Dye told the Wall Street Journal that antivirus was dead and that it was no longer a “moneymaker.” Avira Security Expert and Product Manager Sorin Mustaca tells us via email: “This hardly comes as news for anyone in the security industry who’s been in the business for more than a few years. I’ve written in April 2014 in the Virus Bulletin magazine an article called ‘Is the IT security industry up to the new challenges to come?’ where I describe exactly this situation. For the past 25 years, the IT security industry has done a great job of protecting users against existing and emerging threats, in the form of files (copied, downloaded or emailed), streams of data (remember Code Red), and recently, even against common vulnerabilities in third-party software. We started with Windows, continued with MacOS and Linux, and lately we have extended the protection to mobile devices running various operating systems. Saying that the ‘Antivirus is dead’ is incomplete. The classical antivirus, the one that works only with signatures or patterns,…

Signs that your smartphone is potentially infected with malware

1. You notice that you pay more than usual for your mobile phone bill. This is a sign that some trojan might send SMSs or make phone calls to super expensive phone numbers overseas.

2. Data usage increase. Malware usually sends data to the cybercriminals. If you notice an increase in the data usage or if your provider is slowing down your data transfer because you consumed too much, it might be a sign that malicious software communicates without your knowledge.

3. Calls are interrupted often and SMSs don’t reach their destination. Even if you see that you have maximum reception, sometimes the most basic functions of the phone don’t work reliably. Sometimes malware tries to intercept the calls and even re-route them to more expensive numbers or through proxies.

4. Battery consumption grows unexpectedly. If you notice that the battery drains without your using the phone more than usual, there might be some program that is residing in the active memory. Such programs can be trojans that try to intercept the calls and SMSs you make.

5. Bad overall performance of the smartphone. If your smartphone becomes slower than usual and apps take much longer to start and function, something…

Why Intel bought McAfee?

Everybody knows about this acquisition. Now, why does Intel (a chip producer) need a software security company? There are some possible reasons:

1. To enter a multi-billion market which needs fresh ideas and technologies
2. To produce better security software which makes use of their multi-core processors
3. Both
4. Add AV in the CPU (or on the board) directly (with some help from the “cloud”)
5. Create an AntiVirus Chip -> move from software to hardware (which they know better)

Of course, I vote for 3… Both. But also 4 isn’t so bad 😉

Why? Well, because there is the so-called “Moore’s Law”, and Intel is preparing for the point when it will stop being valid. So, if they can’t produce better hardware, they had better adapt the software that runs on it so that it works much, much better.

Intel is already a major player in the software industry. They produce a lot of good software, ranging from drivers and software for the hardware to compilers, code analyzers and integrated development environments. So, what the AV world is missing is software that runs optimized on those cores. We all try to implement our code in such…

Avira’s Free AV is celebrating 10 years

Quote from the Techblog:

“Amazing! Avira’s free antivirus solution, Avira AntiVir Personal available at our web site, is now getting 10 years old! For ten years, we added an additional security layer around companies by protecting the employees’ personal computers from malware infections for free.

The free version always offered the latest antivirus techniques available, and the best detection rates and superb protection due to heuristics detections. For us that is a good reason to celebrate. For ten days our present to our customers is an additional runtime of 10 months if you buy a usual 1 year license of our premium products or the small business suite. Happy birthday, FreeAV!”

Why no antivirus for P2P programs?

I received a nice email with a very good question from Mehdy Mohajery. It is not the first time I am asked the same question. This time I am documenting the answer I always give.

Question:

I saw your profile on just tonight, and I noticed that you are a specialist in both p2p systems and designing security systems. That encouraged me to ask you a question. As you know, nowadays a lot of viruses are being distributed via p2p networks like KAD & EDonkey. If an anti virus vendor like Avira could provide a plug-in for a major p2p client (emule) to detect viruses before downloading by their FileID (MD4 Hash), then a major part of virus traffic on p2p networks can be eliminated. So why does nobody in the security industry seem to care about securing p2p networks with this method? Should I download every piece of scrap to know if it’s infected? I would like to know your opinion about this.

Dear Mehdy Mohajery,

There are several reasons why nobody adds an AV for the P2P programs:

1. Having in mind the “free of charge” nature of the P2P networks, nobody will pay for an Antivirus program….
