McAfee released a new tool that helps small and midsize businesses centralize management of protection against viruses and spyware. The tool, dubbed the McAfee ProtectionPilot, was unveiled Wednesday and is part of the new McAfee SMB Editions product suites.

According to David Roberts, senior vice president of channels for North America at the Santa Clara, Calif.-based vendor, the new product will be sold exclusively through the channel.

"This is designed to make it easy for channel partners to get into managed services for the small- and medium-size business market," he said. "As we looked at the needs of the SMB customer, we realized that it was best to let our channel partners help them out."

Specifically, the ProtectionPilot gives customers a graphical dashboard that coordinates realtime virus and spyware information from all over the network. It also boasts a threat information monitor that automatically shows emerging viruses of medium and higher importance as identified by McAfee AVERT.

In an effort to resurrect its maligned managed security service effort, McAfee will unveil this week a new service to provide small and midsize businesses with hosted antivirus protection.

Available only to solution providers in McAfee's SecurityAlliance partner program, the new Partner Security Service gives solution providers a more flexible contract under which to work and offers expanded upselling opportunities, the partners said.

Anti-virus vendors are raising the alarm over another batch of Bagle worm mutants crawling through e-mail networks.

The latest variants have been equipped with Trojan horse downloaders and new propagation techniques that have led to wide distribution, according to a warning from Lynnfield, Mass.-based Sophos Inc.

A critical vulnerability was spotted Thursday in the anti-virus engine used by Trend Micro's entire line of client, server, and gateway security products, the third such disclosure this month of flaws in major security firms' software.

As in the other two instances with Symantec and F-Secure, the Trend Micro vulnerability was discovered by Internet Security Systems, an Atlanta-based security provider, and revolved around the processing of a compressed file format.

The FBI reports that unsolicited e-mails which look like they come from fbi.gov contain attachments with a computer virus in them. The FBI is investigating this matter. It says its unrelated to a security breach that happened earlier this month.

The e-mails state that recipients have been to illegal web sites and that "Internet Fraud Complaint Center" is monitoring how they use the internet.

The FBI states: "Recipients of this or similar solicitations should know that the FBI does not engage in the practice of sending unsolicited e-mails to the public in this manner."

The merged Symantec Corp. and Veritas Software Corp. will become a leader in more than a half-dozen product categories. The post-merger Symantec will be not only a dominant security vendor but also a front-runner in backup, recovery and utility computing.

To capitalize on that opportunity, the merged company must integrate two disparate product portfolios, ease investor worries and convince enterprise customers that bringing security and backup together will help them manage their networks more efficiently.

If Microsoft Corp. doesn't do more to stem Internet attacks, the company risks further alienating customers unhappy with the multitude of threats already facing its ubiquitous software.

Sell its own security products, on the other hand, and Microsoft faces a potential backlash from some of its allies — the companies that now provide an extra layer of security for its Windows operating system, Internet Explorer browser and other products.

With a powerhouse like Microsoft becoming a direct competitor, they could get squeezed out.

Last week, Microsoft Chairman Bill Gates (news - web sites) confirmed plans to sell antivirus products to both consumers and big businesses by the end of the year. But the Redmond company is mum on cost and features.

A Microsoft presentation at this week's RSA Conference has some observers concerned about a recurring nightmare of computer security: Rootkits.

A rootkit is a malicious program that uses system hooks to conceal its presence on the system. For instance, it monitors if the user opens the Windows Task Manager in order to keep itself out of the list of processes. It filters directory listings to remove its own files from them. The rootkits could be everywhere, living among us, and we wouldn't know!

Build a big user base and the malicious-code writers will come. That's the logic that analysts and security software companies alike are following as they warn that smartphones and other mobile devices will become significant targets for security threats in 2005. In response, antivirus company Trend Micro is offering a free download and updates for one of the first software products for protecting smartphones and other handheld devices.

Trend Micro Mobile Security software is available at www.trendmicro.com/ mobilesecurity and will remain free until June 2005. On its initial release, the software supports Microsoft's Windows Mobile 2003 operating system. In January, an update will support the Symbian OS 7.0 with UIQ 2.0/2.1. The software works very much like antivirus software on a PC and also protects against SMS (Short Message Service) spam.

Security experts have raised the risk assessment to medium on the recently discovered Mydoom.bb@MM worm, also known as Mydoom.bb, after receiving reports that the infection is spreading in the wild.

According to McAfee's Avert antivirus team, more than 50 reports of the virus being stopped or infecting users from the field have been recorded. Most of these reports have arrived from the US, though Avert has also received reports from Australia and the UK.

A Louisianan has pleaded guilty to sending an email virus that caused WebTV users' computers to dial the 911 emergency service without their knowledge.

David Jeansonne of Metairie, Louisiana admitted he sent email to 20 WebTV subscribers carrying a virus in an attachment in July 2002. Once opened, the attachment changed the dial-in telephone number in the user's WebTV box to 911. The next time the user attempted to log in to WebTV, the computer dialled 911 instead of the local modem telephone number supplied to the user by WebTV to access its servers in Santa Clara.

"This prompted unnecessary emergency police dispatches at numerous locations around the country in July 2002," said the U.S. Attorney's office for the Northern District of California in a statement.

"At least 10 WebTV users reported that the local police either called or visited their residences in response to the unnecessary 9-1-1 calls."

The 44-year-old man faces up to 10 years in prison and a fine of $250,000.

Security vendor Symantec Monday unveiled a new version of its flagship anti-virus software that includes tools to remove spyware and repair any resulting damage. The product, Symantec AntiVirus Corporate Edition 10.0, was launched at the RSA Conference in San Francisco.

While Symantec's anti-spyware capabilities come months after competitors McAfee and Check Point Software Technologies launched their own wares, the Symantec product is the first to feature spyware repair tools. According to Kevin Haley, group product manager, this is precisely what sets the Symantec product apart.

Hewlett-Packard on Friday rolled out a software add-on for its ProLiant servers and HP BladeSystem that shuts down the inside-the-network spread of worms or viruses within milliseconds.

With the catchy name of Virus Throttle, the software eschews the traditional anti-virus technique of comparing possible malicious code against a database of signatures, and instead watches for virus-like behavior and then quarantines the infected machine until an administrator can figure out what's going on.

As part of an aggressive drive to expand channel sales, security vendor McAfee this week will launch a deal registration program for eligible channel partners selling certain high-end products.

The deal registration program applies to some 500 solution providers selling the company's intrusion prevention solution (IPS) and antivirus appliances.

The days running up to Feb. 14 are when employees are at the greatest risk of running afoul of company e-mail policies, a message firm said Tuesday.

Clearswift warned workers not to fall for the e-mail and Web security pitfalls that are prevalent around Valentine's Day.

Along with the plethora of patches released Tuesday, Microsoft also revised its free Windows Malicious Software Removal Tool for the first time, and as promised earlier, automatically added it to Windows XP users' download lists when they accessed Windows Update.

The tool, which debuted last month, has been enhanced so it now detects and deletes -- or tries to -- all instances of the Korgo, Netsky, Zafi, and Randex worm families.

Malware aimed at disabling Microsoft Corp.'s anti-spyware product has been discovered by security experts who expect the virus to be the first of many to follow.

The Trojan horse, which is also designed to steal online banking passwords from Windows computers, was discovered by security experts at Sophos Plc and Symantec Corp.

Symantec on Tuesday released patches for a vulnerability found in a large number of its products, including flagship titles such as BrightMail AntiSpam, AntiVirus Corporate Edition, and its 2004 consumer slate.

According to rival Internet Security Systems' X-Force research group, which discovered the flaw, the bug is in the DEC2EXE module of the Symantec Antivirus Library, a part of the scanning engine that's able to peek into compressed executable files squeezed with the UPX (Ultimate Packer for eXecutables) format.

A worm spreading via the MSN Messenger instant messaging client carries a piggyback payload that's even more dangerous: a second worm that opens a backdoor and lets hackers hijack the PC.

The newest variant of the Bropia worm -- tagged as Bropia.f, Bropia.g, Bropia.e, or Bropia.j by various anti-virus firms in an unusual display of naming chaos -- spreads through MSN Messenger. Users who receive the file and open it see a mildly-funny .jpg of a roasted chicken posed to resemble a naked sunbather, complete with tan lines.

This new virus is reportedly utilizing the latest CNN headlines to make its email subject lines appear more legitimate.

The attachment with the email, when executed will install a back door Trojan and a keystroke logger could also snare a victim's log-in information.

Sophos who has identified the virus is classifying it as a worm.

This is not the first worm to use the concept of dynamic content to appear legitimate.

Symantec, one of the world’s largest security software firms famous for the Norton brand name is expected to announce a plug-and-pay email security email appliance in conjunction with its partner IronPort.

IronPort looks to be part of a four year deal to bundle Symantec software with its appliances.

As information security becomes a more and more lucrative market, analysts are suggesting that a long term relationship to be unlikely. For now though, Symantec will be increasing their user base and strengthening their market share.

Following a report on the Australian whirlpool forums, there is a new possible worm in the wild. Similar to ‘Slammer’ and ‘SQLSnake’ in that it targets vulnerable MySQL servers, there is potential for this new worm to wreak havoc.

 SANS Internet Storm Center is suggesting that a rise in port 3306 scans could be a result of this new worm. Apparently the worm creates a file called ‘spoolcll.exe’.

Recommendation:

Until this worm has been identified and a hotfix or solution provided, it is recommended that Admin’s of Windows MySQL systems keep a close eye on their boxes and the above file appearing on their machines.