As a mobile security researcher, Elad is responsible for malware in-depth analysis, creating and updating malware signatures, vulnerabilities management for mobile threats, coding multipurpose prototypes for mobile devices (PoC), writing security-related web posts alongside of maintaining connections and relationships with the mobile device security community around the world.

Prior joining AVG, Elad worked for the Israeli government as an Information Security consultant.

Elad holds BSc in computer science from Herzliya Interdisciplinary Center (IDC) in Israel and is a key note speaker at Israeli security conferences and events and also abroad. He also helps organise a digital survivor competition held in Israel.

Keep an eye out for Elad’s mobile threat updates here on the AVG blogs!

No longer taboo, online dating’s popularity is supported by a variety of stats.  But as with traditional dating, dating in the Internet era comes with its own unique risks, not least of which is the ease in which someone new can enter your life.

When someone does enter your life, here are a few ways to keep him or her from turning it upside down:

• Take your time before handing out any identifiable information that could allow someone to track your whereabouts like a home address or work telephone.

• In fact, your email can be used to track down other online profiles that may tell more about where you live or, if you’re on foursquare or a similar location-based network, where you are—at this moment! So be sure to create a new email address just for your dates.

• Find out what you can about the person you’re interested in. A few Google searches won’t make you a stalker, and it may turn up some red flags that you’d rather not discover in person.

• Find out what can be found out about you. Google your cell phone number—or even your first name with anything else you might say about your background, i.e., the town you’re from and what you do. You might be surprised by what comes up.

• Disable any geotagging or other location-based data that may exist in any images you post or share.

• Resist the temptation to add new love interests to your social networks. Not only could they be privy to too much too soon, they have the keys to wreak havoc should things not work out.

But this is just the beginning. Choose a reputable online dating site that offers up helpful tips of its own to keep you on your toes. And be sure to compare notes with other online daters.

You can start here. Are you looking for or have found a special someone online? What steps do you take to protect yourself?

Let’s talk about it on Twitter or Facebook. I’d love to hear from you.

If you don’t follow him on Twitter or read his blogs, you should.

The title of Mr. Magid’s panel was “Taming the Reputation Monster” with the basic premise being: we are all at the mercy of technology. As the panel description went, a cell phone can save a child’s life or destroy it. A tweet can strengthen but also wreck a marriage.

Spot on.

For technology not only helps us communicate, it makes it easier to miscommunicate. It allows others to spread far and wide our most private thoughts and actions—whether they are in fact our thoughts and actions or not.

As much as I try to educate others on the pitfalls of the web, I too sometimes fall into them. I try not to beat myself up too much—the Internet, after all, is still relatively new.

But what about our kids? For many, so much of their real-world reputations depend on what can be discovered about them online. And kids being kids, many haven’t yet learned the value of filtering what they say—quite possibly because they haven’t yet paid the price.

But if they’ve shared too much about themselves online, they may already be paying that price. They just don’t know it yet.

Back in November, Jeana Lee Tahnk  wrote about AVG’s ongoing Digital Diaries research on Parenting.com. The blogger mentions the “many times when I hear parents joke about how their kids know more about computers and the Internet than they do.” But, as she also writes, kids are indeed reaching digital adulthood before they are developmentally ready.

So how do we teach them what we think is not always what we should say? Is there a way to let kids be kids, making their share of mistakes, without those mistakes coming back to haunt them when they’re applying for college or a job?

Let’s talk about it on Twitter or Facebook. I’d love to hear from you.

Nowhere is this more pertinent than on the Android platform where the quality control of the official “Android Market” is less stringent than Apple’s AppStore. Google are working hard to combat this and regularly remove apps found to be malicious but users should be aware of the inherent risk.

You can stay on top of threats and scams on Android devices by following our Mobile Threats blog run by our AVG Mobilation™ team. On top of that, you can secure your device for free with our own AVG Mobilation app which can not only protect you from malware also help you recover your phone if it gets lost or stolen.

If that weren’t enough, our Facebook AVG Free Community of nearly 700,000 users is always full of helpful advice and here is what some of them have to say about keeping your mobile device safe and sound.

AVG Community Top 5 tips for securing your phone against malware:

• Avoid installing any applications that aren’t downloaded from the official “Android Marketplace”. If you don’t know who made it, you can’t trust it.

• Don’t install anything that sounds too good to be true! Examples may include “free ring tones” “free wallpaper” etc. Always be sure what your downloading is legitimate.

• Think twice before “rooting” or jailbreaking your device to allow a lower level of protection than standard Android OS release.

• Always keep your phone updated with the latest operating system. This will make sure your phone is as safe as possible. You should check for system updates about once a month.

• Install an antivirus app on your phone. You should be sure to check all settings; make sure the appropriate boxes are checked for the data you are receiving, i.e. web surfing, text messaging and real-time scanner. Ensure that you scan your device regularly and above all keep it up to date!

Related articles

• Fake it till you make it: Mobile Update Week 4 (blogs.avg.com)

As this is an especially sensitive time period from an IT security perspective, companies will want to research the issues at hand and ensure that they keep their business and financial data safe and secure.

Unfortunately, due to a quick of language, Internet searches relating to “security and finance” will mostly throw up results pointing small to medium sized business (SMB) owners towards commercial services aligned to help them “secure their finances” — and not therefore to information dedicated to “keeping their finances secure”; so the sensitivity of this subject is compounded further.

Where should we turn for SMB finance-related IT advice?

The world of business finance has developed a multiplicity of “advice channels”, almost none of which come without a price. Government services are therefore of particular interest here; almost always impartially presented and generally free of charge, it is worth looking up the public sector advice channels available to your business so that you can become conversant with the tax and revenue offices’ preferred means of a) communication b) payment process and c) even complaints should you need to make them.

Keep moving logically onward from this point and turn to your bank. Look up your bank’s existing online resources detailing transaction security and investigate what other services they might have on offer. UK banks for example often offer a “fraud text alert SMS” service to keep you up to date with emerging scams right to the palm of your hand on your smartphone.

Gone phishing…

Given the prevalence of phishing scams that target both consumers and businesses alike, it should be no surprise to see ‘accounting-related’ phishing swindles raising their head to a more significant degree during the end of year accounts period. Personal ‘home use’ credit-card readers are an important additional separation layer for authentication and safety here – these units are designed for home (or at least out of bank) use to generate unique random numbers for additional log in safety.

NOTE: Credit-card readers are of special importance if for example a business is setting up new tax (or other financial) payments online to a “new” payee.

Obvious signs, the usual suspects

As obvious as some of these notes may seem, the type of phishing swindle that often raises its head close to online banking transactions can at first appear relatively innocuous. Given that we are now inside the “money window”, it won’t do us any harm to mention some of the more self-evident no go areas again. Here are some common fraudulent messages designed to appear as though they might come from your bank or some other financial institution:

• A secure message is waiting for you, click here to read.
• Your account will be closed within 48 hours if you do not respond.
• Please reset your online banking password.
• Click the link below to gain access to your account.
• ‘Dear valued customer’ –

On that last bullet point i.e. “dear valued customer”, please remember that your bank knows your name and so this is almost certainly a generic opening line sent out from some malware and/or cyber-crime related source intent on hacking your business finances.

Of course these common sense and technology-related layers of financial IT safety should sit underneath the umbrella protection offered by a robust anti-virus suite such as AVG Internet Security Business Edition 2012. As important as our core business product is here, some good judgment and best practice is needed too. Please keep your “money window” clean and clear and stay safe online.

Several AVG users reported high disk space usage by AVG Security toolbar log file. Please be informed this issue has been rectified with recent AVG 2012™ program update. Here you can find release notes for the mentioned program update (Hotfix 10). Should you face similar difficulties, please update your AVG by clicking the Update now button in the AVG user interface.

2. MS Outlook is freezing when AVG Anti-Spam is installed.

AVG Forums users reported MS Outlook startup is slowed down, sometimes freezing. This issue was caused by AVG Anti-Spam component if user has the MS Outlook plugin for AVG E-mail Protection installed. The issue has been rectified with the recently released AVG 2012 program update (Hotfix 10; release notes).

Should you face such difficulties, please update your AVG by clicking the Update now button in the AVG user interface.

3. General update error

A few users reported general error during AVG update in this week. Although a cause of the issue varies across the individual cases, the AVG repair installation will rectify the problem in most cases. More information about AVG repair installation procedure can be found in these FAQ articles:

AVG Free Edition: FAQ 4372

AVG commercial version: FAQ 4421

In case the issue is not rectified, please contact AVG technical support; AVG update log will be requested for detailed analysis.

4. Stubborn infection

AVG Forums visitors reported hard to remove infections lately, sometimes accompanied by rootkits. Scanning the system using updated AVG Rescue CD when an infection is coming back usually rectifies the issue. AVG Rescue CD is able to find rootkits easily as they are not active when the host operating system is not running.

In case an infection is still coming back or cannot be removed, it may be hidden in a virtual file system which is not accessible by usual means or protected in a different way.

Should you need assistance with infection removal, please contact AVG technical support or describe the issue on AVG Forums.

5. AVG search on newly opened Firefox tabs

AVG Forums visitors mentioned they would like to disable the AVG default new tab page (which includes AVG secure search). This feature could be disabled by clicking the Settings link in lower-right corner of the newly opened tab (note the Settings link is not available on home page, it is present only on newly opened tabs):

- Modify the Show AVG Secure Search Box on new tabs in the browser as you wish.

- Click OK to save your configuration.

Related articles

• AVG Feedback Update: Week 4 (blogs.avg.com)
• AVG Feedback Update – Week 2 (blogs.avg.com)
• AVG Feedback Update: Week 3 (blogs.avg.com)

In the last week we’ve seen some new screens presented by Blackhole exploit kit installations. The first exploit claims that the Windows installation “has been blocked” and demands a payment of 50 Euros (about US $66) by untraceable UKash or Paysafe checks.

And another, allegedly from Scotland Yard, similarly claims the victim’s machine has been locked because it’s been used to view pornography. Payment is demanded by untraceable UKash.

2.  Facebook Scam of the Week: “Oops!!! There was a hidden camera in Bieber’s bedroom.”

This week’s top Facebook scam uses Justin Bieber’s name to lure users into a never- ending spiral of surveys promising fake prizes. The real point is to get users to share personal info they would normally never share with strangers.

After a user shares a link to the Facebook scam they are promised to see a video from a hidden camera in Justin Bieber’s bedroom.

But after sharing the link to their wall they are then told they must fill out surveys.

This is how the scammers make their money. The more people that fill out the surveys with real information the more money they make.

In the end you never get to see a video because it does not exist.

At the bottom of the scam page you will see many of the victims posting comments that they shared the video but are still unable to see the video. So they fell for the scam but still haven’t realized it yet. If you have friends like this perhaps its time to clean up your friends list.

3. The official DivX codec “labs” sub-site, which is used for making betas available to the public, is hosting fake pharma ads.

These pages are simply injected into their forum.

We detect the actual pharmacy spam site these ads redirect to.

Search engine results to the pages are loaded with “no prescription” notifications:

– AVG Threat Research Group

“Hello I am Matthew Simm or Simmy for short. I have been working on the AVG Facebook page for about 4 months now helping and supporting people who use AVG on a day to day business. I am currently studying at my local college in Sunderland, UK so I have little spare time. However when I do get it, I primarily use it to help others with any technical problems that they might encounter on using their PC.

The thing that I like the most about AVG is the community atmosphere. No other security provider treats their customers as a family and you feel a sense of togetherness. Also I like how with AVG you can ask for help through a variety of different channels such as Facebook, the AVG blogs as well as the usual e-mail and telephone support. This is not only convenient for the customer but it also means that response times to queries are very fast unlike other competitors.

Also I like the identity protection feature that not only protects you from threats such as key loggers that can steal your identity and log your keystrokes, but it also detects unknown malware that AVG does not currently have a signature for as new malware is created every second.

I can vaguely remember being introduced to AVG around about 2006/2005 back when it was AVG 7.1. I was in school and my teacher received a popup on her computer screen notifying her that the AVG virus definitions had been updated, so that night I went home and decided to try out the software for myself as I did not use anti-virus software at the time. Fast forward about 5 years and I have not looked back once, the software as fast, efficient and easy to use.”

Related articles

• Introducing the latest Community Award Winners (blogs.avg.com)
• Introducing AVG VIP: Arsa First (blogs.avg.com)
• Introducing AVG VIP: Barry Eyt (blogs.avg.com)

The event saw 361 entrepreneurs, investors and business professionals attend the ACCELERATE Forum. With keynote speeches from Julie Meyer, Lloyd Dorfman, Tim Levene, Austin Healey, Tim Leeson, Martyn Dawes, Will King, Kevin Godlington and James Caan; the event was an opportunity for entrepreneurs present and future to share inspiration, insight and opinion.

During the event, attendees were invited to vote via the iPod Touches which they were provided. The questions were designed by the Entrepreneur Country editorial team to include topical issues which are impacting SMEs in the UK.

Below are some of the results:

Importantly, of the 361 people polled, most respondents thought social media to be the most important growth sector for small businesses in the next five years.

This was supported by a vote on innovation where the majority of people polled claimed that digital innovation would be the most significant area for innovation over the next three years.

Focus then turned to the economy and the impact of the downturn on entrepreneurial spirit and the forecast for small businesses. Surprisingly the responses were largely positive with only 31% of people saying they think the state of the economy is making life harder for start-ups.

And lastly, there was a positive note for any young entrepreneurs when over half of the attendees at the ACCELERATE Forum divulged that they were 35 or younger when they started their current company. It can be done!

For more information on the Entrepreneur Country Forums, visit the event website at http://www.entrepreneurcountryforum.com/.

Related articles

• You Do Not Have to Be Under 30 to Be a Startup Success (theworkathomewoman.com)
• What drives US entrepreneurship? (bbc.co.uk)
• Champions of Small Business Forum: “Innovation will lead us out of the recession” (blogs.constantcontact.com)

The developer’s page in the Android market looks like the following:

The icon of the application looks like:

The Android Manifest file looks like:

When the application opened we can see the following:

It asks the user what number to you want to dial and what voice would you like people to hear (deep scary voice, normal voice and high funny voice).

Also mentioned the service costs 6 NIS per minute in place its hard for the user to spot.

These are the strings.

It is mentioned that the user need to wait 15 seconds for dialing – probably while the call is made to the premium service number and the cost (6 NIS for 1 minute).

Calling a premium service number in Romania:

012 – Israeli mobile operator for getting calls abroad

40 – Country calling code

900720674 – Premium service number

How to remove
AVG Mobilation™ Anti-Virus Free and Pro products provide protection against this threat.
In order for the protection to be activated, update your Android phone with our latest version.
Keep your device safe with AVG Mobilation Anti-Virus Free and Pro products.
Download now from http://www.avgmobilation.com/products.html

How to avoid getting infected:
When installing new apps to your Android device, always look at the permissions an application requests to approve and make sure the list seems appropriate.

In addition, only download apps from application stores, sites and developers that you trust, and always check the application star rating, developer information and user reviews to make sure you know what you are downloading.

Related articles

• Fake it till you make it – Mobile Update Week 4 (blogs.avg.com)
• AVG Mobile Threat Update: Week 3 (blogs.avg.com)

After our Security research team reported this to Google. They suspended the app for violating the Android Market Developer Distribution Agreement.

Several AVG users reported high disk space usage by AVG Security toolbar log file. Also, users may note the vprot.exe process is taking more CPU time than usually when checking their Windows Task Manager. Should you face similar situation, please refer to this FAQ article to remove the large log file.

2. Strange AVG file names

Several users were confused by strangely named AVG files, mostly the “roc_roc_dec12.exe” file lately. If unsure about a certain file, we recommend checking its digital signature as follows:

- Right-click the respective file and select Properties from the context menu.

- Switch to the Digital Signatures tab.

- Verify that the file is signed by trusted authority as seen on the following screenshot:

If unsure about an unsigned suspicious file, please send it to our virus specialists for analysis as described in this AVG Forums post or contact AVG Technical support.

3. iTunes store not accessible

A few AVG Family Safety™ users mentioned they cannot access the iTunes store. The situation has been rectified after removing AVG Family Safety. Should you face similar situation (with AVG Family Safety installed), please feel free to follow this procedure and post your feedback on AVG Forums.

4. AVG search on newly opened Firefox tabs

A few users mentioned on forums they would like to disable the AVG default new tab page (which includes AVG secure search). This feature could be disabled by clicking the Settings link in lower-right corner of the newly opened tab (note the Settings link is not available on home page, it is present only on newly opened tabs):

- Modify the Show AVG Secure Search Box on new tabs in the browser as you wish.

- Click OK to save your configuration.

5. Anti-Virus not active?

AVG Forums visitors sometimes report AVG Anti-Virus component is inactive. This issue is usually caused by hardware failure. We recommend running memory and hard drive tests to check your hardware health should you face similar situation. If the tests reveal that any of the RAM modules or hard drives is faulty, please consult local computer repair shop or your computer vendor for further guidance. The respective faulty component will need to be replaced.

If the hardware appears to be perfectly healthy and the issue persists, please contact AVG technical support for investigation of the issue.

Related articles

• AVG Feedback Update: Week 3 (blogs.avg.com)
• AVG Feedback Update – Week 2 (blogs.avg.com)
• AVG Feedback Update – Week 1 (blogs.avg.com)

In the auto department, sleek teched-out cars like the Pioneer Maserati and Sony’s Audio R8 were waiting to bring you the Black Eyed Peas like you’ve never heard them before on the very latest in A/V. But for me, it’s still all about the ride, which is why I really enjoyed checking out the Ducati displayed with its iSkin collection.

One of the coolest gadgets I came across was the Swiss Army knife with 1 terabyte USB drive, though I’m always concerned by the security risks posed by mobile storage devices that, in my opinion, simply hold too much.

While new tablets and Android mobile phones seemed to play second fiddle to those that took center stage last year, I was impressed in spite of myself by how well the sleek, ultra-light Ultrabooks and folding laptops managed to blur the line between tablet and traditional laptop. And the touchscreen capabilities of Windows 8 brought apps to life like never before.

But if one product were to stop me dead in my tracks, as a dad, it would have to be the GeoPalz pedometer that awards kids based on how active they are with online books, music and games. If there’s a better way to get hyper plugged-in kids to grab some fresh air, I haven’t seen it.

Get a video gimpse of CES 2012 right from the show floor here:

Have a tweet or post of your own to share? Let’s talk about it on Twitter or Facebook!

Unpredictability is the new norm, mobile computing is impacting IT security to a previously unprecedented level, security breaches are really happening in the here and now and, by golly, they can be extremely expensive to fix and put straight

SMB’s are like automobiles

The task of summing up some of the learnings (to use the plural) here is tough in some senses because there are so many sensitive areas to cover; hence, the suggestion that small to medium sized businesses are like cars or automobiles came to the fore.

An SMB is essentially a complex piece of engineering built from a central architectural structure or chassis with many additional components, all of which (through a process of constant use and wear and tear) will need maintenance and replacement and upgrade.

Potholes and pitfalls

Then there is the driver and passengers, the human element i.e. the unpredictable constituents of the mix whose individual choices determine the direction and path to be taken. The road is not always flat and straight, but is far more often twisted and bumpy. As much as a car journey is a process of avoiding potholes and pitfalls, so is the daily operation of an SMB if it is to stay it course.

Taking the analogy a couple of steps further, of you want to protect your car just as you would protect your business. So while you would want to wax and polish your paint job and make sure that you put the best grade of unleaded fuel in your tank, why would you want to pay any less attention to the exterior and interior power and protection mechanisms you use within your small business?

Think of the exterior as the desktops your employees use to interact with company data, as well as your web pages and customer portal where third parties come into contact with your products and services.

Equally, think of the interior environment not as an engine with spark plugs and pistons, but as a company database that needs not only anti-virus and malware protection, but also oil and grease in the shape of additional protection services such as firewalls and anti-rootkit protection layers.

OK so it’s a slightly lighthearted somewhat obvious parallel to draw, but if anything an SMB may well be likened to a second hand car rather than something straight out of the showroom. Compromises may have been made here and there to save costs during start up and you may be running with approved re-mould tyres for the first twelve to eighteen months before you start buying brand new equipment.

The key thing to remember here is not to guide the business down a dead end street with no exit straight into an IT security infection.

So, buy a map, fill up on fuel, check the SatNav directions if you have them, ask others who might have traveled the same route beforehand how they found the journey and – as you’re going to want to keep running for as long as you can – find out what the parking is like so you know where the safest place to put down roots is.

The data for the report is collected by AVG’s Threat Labs from the AVG Community Protection Network. It is an online neighborhood watch, helping everyone in the community to protect each other. Information about the latest threats is collected from customers who choose to participate in the product improvement program and shared with the community to make sure everyone receives the best possible protection.

This report takes a look at the last quarter of last year, 2011 and while the full report can be downloaded here, this article will take a look at some of the more poignant discoveries.

Arrival of Printed Malware

Most importantly, Q4 2011 saw the arrival of printed malware through the abuse of QR symbols. QR symbols are becoming popular for mobile users to insert text and URLs into the mobile device without typing, malware included. The report reviews this emerging phenomenon and predicts that this new technique is expected to gain momentum in 2012 and beyond, as the user does not know what lies behind the QR code until the malware is already installed and running.

Fake Antivirus continues to spread.

Q4 2011 saw no abating in the success of fake antivirus products. They have, however, become more sophisticated. The difference lies in the infection method. In this report, we cover an infection method called ‘2nd click redirection mechanism’ which eventually redirects to a Fake AV  scanner (Rogue AV) page that tries to lure users into downloading and paying for an AV scanner which “removes” fictitious malware. 

PC Threats – Rootkits are getting smarter and smarter.

If you think that rootkits are history, think again. Rootkits are alive and kicking. They are evolving to be much more sophisticated, and some interesting samples show up every few months. Rootkits evolved from commercial use (SONY DRM) through to financial use (Greek wiretapping case) to cyber warfare with a very specific target (Stuxnet, Duqu).

Rapid growth of Mobile Threats.

Throughout 2011, we often reported on the rapid growth of malware targeting Android devices; we presented various examples of malicious code and infection methods.  This trend continues to grow, against a backdrop of enormous growth of activated Android devices in the past 6 months, from 100 Million devices (May 2011) to 200 million devices (Nov 2011) and over 550,000 activations daily.

Other points:

• It has become evident that the ‘underworld’ of cyber crimes is organized.
• Malicious websites do not only share traffic, they also share owners.
• Stolen digital certificates have been discovered on the Android mobile platform.

You can Download the full report here and please come talk to us about any of the subjects on our Facebook Community.

“I am currently working in a hospital in my hometown in The Netherlands. I have been working with computers since I was a little boy. One of my favorite past times is to help out colleagues and friends with computer troubles, I find this very gratifying to do!!
I have been an AVG community member for four months now and I really love it! It’s nice to meet new people with the same interests and to help out whenever I can.

I started out using AVG with version 7.5, left it for a while and came back with the 2011 version. I really love this software: it’s light, easy to understand and offers outstanding protection which keeps me safe online!
I recommend everybody to join this wonderful AVG community, I for one am very proud to be part of it!!!”

Related articles

• Introducing AVG VIP: Arsa First (blogs.avg.com)
• Nominations open for Social Brands 100 (blogs.avg.com)
• AVG Community Talks Passwords (blogs.avg.com)
• Introducing the latest Community Award Winners (blogs.avg.com)

There are a certain predictable truths that govern the way small to medium sized businesses (SMB) approach IT security. These truths are borne out of basic operational factors that should help us define the business parameters inside firms in this space. With these certainties (or commonalities at least) on board, we can start to reduce risk and look towards longer-term growth and profits.

So what are we talking about here?

SMBs are actually pretty consistent in terms of their requirements for security software. They want IT security software that a) delivers the right level of protection b) does not impact negatively upon business performance and c) works effectively in the background.

SMBs typically take a ‘generalist’ rather than a ‘specialist’ approach to IT security and IT generally for that matter. Security responsibilities will often be handed to an employee with other administrative responsibilities too and a complete rather than a heavily bespoke/customisable solution will be preferred..

This means that the SMB will spend a comparatively small number of hours in any given week analysing security risks — and so (as obvious as this may sound) logically the firm will need to choose a “comprehensive” solution that automatically updates and keeps track of current threats.

These facts are largely dictated by the “size” of the company i.e. small to medium sized. These same facts give rise to some basic home truths i.e. the SMB is safer to opt for a trusted brand where levels of protection are more “quantifiable and measurable” all round.

The SMB landscape is now starting to populate with companies who have realised the need to lock down their IT security and (in many cases) lay down a written policy for reasons which may even be related to compliance.

Covering risk factors in all four corners.

As firms embark upon more stringently protected future growth paths, an awareness of the full scope of business risk starts to become clear. SMBs the start to see that IT security risk translates directly to a) financial risk b) reputational risk c) market risk and even d) credit risk.

Suddenly the SMB starts to realise that application and data security should become a formal entry on the procurement side of the firm’s balance sheet. After this, the SMB starts to look at related areas such as disaster recovery planning and perhaps even content filtering for the employee’s usage of the web.

This is the very simple thought process that all small businesses need to sit back and consider. Failure to address these issues is leaving an open door open to the risk of a security breach and its subsequent costs.

It is not a complex model to grasp, ensure you follow business truths when they can be identified as easily as this.

Related articles

• Is this IT Security Breach “Stuff” really Happening? (blogs.avg.com)
• SMB IT Security Size Matters, But It Shouldn’t (blogs.avg.com)
• New Year’s IT Security Resolutions For SMBs (blogs.avg.com)

What’s the story?

Nominations have opened for Social Brands 100, a business award that recognizes genuine social media engagement based on a brand’s content and behavior. The awards are organized by Headstream, a UK based Social Media company.

The competition is open to businesses from a wide range of industries. Last year’s report recognized the achievements of brands across retail, consumer goods, media and entertainment, travel, technology and more. It found that any brand can choose to ‘be social’, but it’s not about making noise, it’s about how brands behave with their communities that really counts.

What does this have to do with AVG?

In last year’s report, AVG was placed 15^th, a remarkable position and the second highest for a technology company. This year the competition is set to be fiercer than ever and we want to repeat and even better last year’s performance!

AVG has been nominated and we’d like to encourage all of our community members, on the blogs, forums, Facebook, Youtube and Twitter to investigate the Social Brands 100 award and support the companies that you think deserve your vote.

If you would like to vote for us, you can cast your vote here.

What do I need to do?

More information on the competition and last year’s results can be found at http://www.socialbrands100.com.

You’ll have to be quick. Nominations close on February 10 so check it out and get voting!

http://bit.ly/VoteForAVGTweet

Detections

As far as we know, the sample has been in public view for 4 days(since 2012.1.16). But only 4 AV vendors are reporting it as of now.

That’s generally because most of automated system don’t handle NE file format and HIPS system ignore it , as well as cloud system.

So under current situation, NE malware may exist for a longer period before detected by antivirus software. So it is more threatening to the end user.

Introduction for NE file format

NE (New executable) is elevated from DOS MZ executable format and it is for 16bit windows (Win3.x). Now it has surely been out dated.

Comparing with 32bit PE format, it has ‘MZ’ header, but the signature after DOS header is ‘NE’ instead of ‘PE’. And string in DOS stub is ‘This program requires Microsoft Windows’.

16bit file can run in 32 bit Windows OS with the help of NTVDM(Virtual Dos machine). A separate ntvdm.exe process is created when the file is executed and it’s within the context of ntvdm.exe. That’s why most of the HIPS miss it.

Malware behavior

Most of the malicious action taken by the NE file is  by 16bit api call ‘WINEXEC’ to run 32bit cmd.exe and taskkill with argument.

And the malware drops a 32bit PE and a reg file.

Process creations:

We can see that the malware deletes all shortcuts in desktop/start menu and quick launch. The reg file created by NE contains:

The main purpose is to modify start page.

And the PE file dropped is a simple MFC application that read StartupDVR.ini and run the file specified in the .ini after a time period.

The malware writer didn’t forget the NE file which anti-virus vendors thought it is outdated. NE file could be a new trend of malware carrier so we should aware of it to protect end user.

Related articles

• AVG Mobile Threat Update: Week 3 (blogs.avg.com)

However, if you follow the instructions to watch a video such as this you are often forced to install an application which often disguises itself as an official YouTube app or something similar.

So you realise you’ve been scammed? What to do? You’ve installed one of these apps but now you want rid of it, just follow these simple steps.

1)      Log in to Facebook

2)      Hit the drop down menu in the top right and select Account Settings

3)      Click Apps in the menu on the left hand side.

4)      Click the X on any applications you want removed from your account.

And that’s that! Remember, only follow links that come from a trusted source and that don’t arouse suspicion. Don’t install any apps unless you are 100% sure that they are from a trustworthy provider.

If you are unsure about any apps or messages you are receiving on your Facebook account, get in touch with our Facebook Community who will try and steer you right.

Related articles

• What threats will Web users face in 2012? (blogs.avg.com)