
Tag: ISO

IDG Contributor Network: Download Ubuntu 17.10 daily builds

The release schedule for Ubuntu 17.10 has been announced, and you can now download the daily build ISO images as well.

Daily builds can be useful to watch the progress of Ubuntu 17.10, but are not recommended for n...

Old Malware Tricks To Bypass Detection in the Age of Big...

Kaspersky Lab has been tracking a targeted attack actor’s activities in Japan and South Korea recently.

This attacker has been using the XXMM malware toolkit, which was named after an original project path revealed through a pdb string inside the…

The Windows 10 Creators Update is now available for manual upgrading

Update Assistant tool lets you install the new version without waiting for Windows Update.

Secure I.T. Environments Achieves New International Standards for Quality, Health &...

Data Centre World, London, 15 March 2017 – Secure I.T. Environments Ltd, one of the UK’s leading design and build companies of modular data centres, containerised data centres and refurbishment of existing data centres, has today announced that it has achieved new internationally recognised quality management standards for “the design, construction and management and fitting out of data centres, including the infrastructure”.

The newly accredited standards are OHSAS 18001:2007 (ISO 45001), ISO 14001:2015 and BN... Source: RealWire

Nintendo says dead Switch pixels are “normal,” which isn’t wrong

Industry standards and LCD makers' warranties generally allow for some leeway.

MyLife Digital celebrates ISO 27001 certification

MyLife Digital is delighted to announce its successful certification for the ISO 27001 information security standard. Audited by LRQA, MyLife Digital ran various early initiatives as part of the robust requirements for certification.
It also implemented a rigorous staff training and awareness programme for information security, as well as running effective risk assessment and risk treatment activities. John Hall, CEO of MyLife Digital, commenting on the achievement, says, “As an organisation handling the personal data of millions... Source: RealWire

Measuring up – International Standards for quantities and units are under...

Geneva, Switzerland, 30 January 2017 – What are the correct symbols for bits and bytes? How do you accurately measure the spectrum of light? How do you quantify airborne sound? Consistency in quantities and units is essential for accurate measurement and can only be achieved if everyone is using the same language.

The ISO/IEC 80000 series of Standards does just that, and it is currently under revision. The ISO/IEC 80000 quantities and units series is referenced... Source: RealWire

RHEA-2017:0181-1: rhev-hypervisor bug fix and enhancement update for RHEV 3.6.10

Attention: RHN Hosted will reach the end of its service life on July 31, 2017. Customers will be required to migrate existing systems to Red Hat Subscription Management prior to this date.

Advisory: RHEA-2017:0181-1
Type: Product Enhancement Advisory
Severity: N/A
Issued on: 2017-01-24
Last updated on: 2017-01-24
Affected Products: Red Hat Enterprise Virtualization 3

Details

An updated rhev-hypervisor package is now available. The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent.

Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258

Updated packages

Red Hat Enterprise Virtualization 3

SRPMS:
rhev-hypervisor7-7.3-20170118.0.el6ev.src.rpm
MD5: 1a77910d2286bfcc6d5becb6a94cff33
SHA-256: da885432e4969c0a5e54255e6d4ec1f6e0ff846ad492a1f0c50f2e695a3ff319

x86_64:
rhev-hypervisor7-7.3-20170118.0.el6ev.noarch.rpm
MD5: 19179cf4d8654d36ba65d887b12d2fd1
SHA-256: 8b2483b016aacc7893e63547b4df317b4b8fd7f26fd7e08d60498e8dc1f0ae44

(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1369400 - RHEV-H 3.6 on RHEL 7.3 tracker
1379264 - RHEVH 3.6 7.3 should be with the latest rhel 7.3 beta snapshot 5
1379271 - Include wrong qemu-kvm-rhev package
1381112 - [Errno 2] No such file or directory: '/etc/selinux/targeted/contexts/files

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from: https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/

Azure Security Center Now Guards Windows Server 2016 VMs

Microsoft has added Windows Server 2016, its latest server operating system, to the roster of virtual machines supported by its Azure Monitoring Agent cloud-based threat protection offering. With the holidays out of the way, Microsoft has returned to r...

Comodo Antivirus 10

Some antivirus vendors release a new version every year, with or without the coming year as part of the product name. Others, like Comodo, follow a simple version-number scheme, releasing a new version when it's ready. With Comodo Antivirus 10 the com...

TrustPort Antivirus Sphere (2017)

These days, you can find almost anything bundled into one antivirus or another—firewalls, spam filters, even password managers.

At the other end of the spectrum are lean, mean antivirus tools that just focus on the task at hand.

TrustPort Antivirus Sphere belongs to the latter group.
It does boast several bonus features, but they're all aimed at that core task.

Alas, it didn't fare well in my hands-on testing, and the independent labs mostly ignore it.

At $22.95 per year for one license or $29.95 for three, TrustPort is easier on the wallet than most of the non-free competition.

Bitdefender, Kaspersky, Norton, Webroot SecureAnywhere AntiVirus, and more than a dozen others charge $39.95 for a single license. However, after working with the product I'm not sure it's a bargain, even at that price.

With the 2017 product line, TrustPort has added "Sphere" to each product name, and changed the user interface considerably.

The small main window boasts a horizontal row of five large, square buttons against a dark gray background.

A green button toggles the on-access scanner, and another configures the anti-exploit component.

There are blue buttons to check for updates, display quarantined malware, and access bonus features.

What you won't see is anything like the big scan button that dominates Trend Micro Antivirus+ Security, Quick Heal, and a few others.

The documentation points out that the on-access scanner should take care of any problems, but that there are several ways to launch a scan. You can scan any drive or folder by choosing from the right-click menu, or select from numerous scan possibilities by right-clicking the TrustPort icon in the notification area.

A full scan of my standard clean test system took 63 minutes.

That's longer than the current average of 47 minutes, but again, TrustPort encourages users to skip the on-demand scan and rely on the real-time scanner.

Labs Mostly Mum

Independent antivirus testing labs around the world put multiple products through grueling tests, all designed to identify those that are the most effective.
I follow five labs that regularly report on their findings.
In most cases, vendors must pay to have a product tested (and reap the reward of learning what areas need work). When a product appears in reports from multiple labs, it means the vendor considered the expense worthwhile, and the labs considered the product significant enough to merit one of their testing slots.

Top antivirus utilities like Kaspersky Anti-Virus and Bitdefender get the highest marks from many labs.
If my simple hands-on tests don't seem to align with the lab results, I give the labs more weight.

Alas, there are very few lab results available for TrustPort.
It doesn't show up in reports from AV-Test Institute, AV-Comparatives, or SELabs.

These three offer the most information about a product's antivirus capabilities.

That leaves Virus Bulletin, with its VB100 and RAP (Reactive and Proactive) tests.
I stopped tracking VB100 a while ago, because a single false positive translates into failure.

The RAP test skews the other direction detail-wise, offering scores measured in hundredths of a percent.

TrustPort's latest RAP score of 85.34 percent is better than average, but that's all the information I have.
I can't build an aggregate lab score from one small data point.

Sharp-eyed users may notice that TrustPort uses two antivirus engines, code-named Argon and Xenon.

These are licensed from AVG and Bitdefender, respectively. However, the labs state very clearly that their results apply only to the actual product tested, not to any licensee.
So only tests of an actual TrustPort product are relevant.

So-So Malware Removal

I installed TrustPort on a virtual machine and waited for the necessary initial update.

Then I initiated my malware-blocking test by opening a folder full of malware samples.

TrustPort immediately started checking them, and quarantining any it found to be malicious. However, the process proved so CPU-intensive that the system was unusable for several minutes.

Admittedly, the average user doesn't just open a folder full of malware and shove the antivirus's face in it.

With G Data Antivirus 2017 and some other competitors, you must respond to a popup notification for each detection.

TrustPort conveniently stacks up multiple detections in a single popup.

The on-access scan eliminated 84 percent of the samples at this point.

I launched each of the remaining samples, taking note of how effectively the antivirus blocked its installation.

TrustPort missed a few, but managed to pull its overall detection rate up to 87 percent.
Its malware-blocking score was 8.5 of 10 possible points, which isn't great, especially with no stellar lab results to offset it. Webroot, G Data, F-Secure Anti-Virus, and a couple others managed 100 percent detection. Webroot earned a perfect 10 points; G Data and F-Secure came close, with 9.8 points.

My malicious URL blocking test starts with a feed of the latest malware-hosting URLs graciously supplied by MRG-Effitas.

These URLs are typically no more than a day or two old.

The malware samples aren't zero-day threats by any means, but they're definitely in the wild.
I launch each URL and note whether the antivirus kept the browser from reaching the URL, eliminated the malicious download, or did nothing at all. When I've got data for 100 valid malware-hosting URLs, I tally the results.

TrustPort's antivirus is at something of a disadvantage here, as the company reserves Web-based protection against malicious or fraudulent URLs for the security suite products. However, it proved quite vigilant at blocking malicious downloads.
In many cases, it identified and blocked the download before I could even hit Save.

That vigilance wasn't sufficient to yield a good score, however.

At 70 percent protection, TrustPort is in the lower half of recently tested products. Norton is at the top, with 98 percent protection.

Avira Antivirus Pro came quite close, blocking 95 percent of the malware downloads.

For most products, I would proceed to test antiphishing capabilities, comparing the product's detection rate with that of Symantec Norton AntiVirus Basic and of the built-in protection in Chrome, Firefox, and Internet Explorer. However, as noted, detection of undesirable websites isn't included in TrustPort's antivirus.

Exploit Protection

TrustPort devotes one of its five main buttons to the anti-exploit component.

By default, this component runs in Silent mode, and the average user will assume that means it's offering exploit protection silently. Unfortunately, it isn't so.

The default action in Silent mode is to allow all activity, meaning the anti-exploit component doesn't do anything.
If you take it out of Silent mode, it pops up a notification when it detects chicanery, giving you the option to block or allow a specific action, or mark the program involved as trusted.

To evaluate this component, I turned off Silent mode and attacked the test system with about 30 exploits generated by the CORE Impact penetration tool. Not one of them triggered a notification by the anti-exploit component, though the on-access scanner tagged a dangerous payload for 20 percent of them.

It turns out I just didn't understand the meaning of exploit in this context.

TrustPort doesn't watch for attempts to exploit specific vulnerabilities in the operating system or popular programs. Rather, it looks for programs attempting to manipulate other programs.

For example, it found my hand-written programs that launch Internet Explorer and direct it to malicious or phishing URLs to be highly suspicious.

For a further test, I attempted to install 20 old utilities, programs that work by hooking deeply into the operating system.

TrustPort flagged eight of them, giving me the option to allow or deny the suspicious action.
Strangely, the checkbox to remember my choice wasn't functional, so the popups just kept coming, in every case.
I could end the torture by choosing to trust the program, but I found no other way.

The same menu lets you switch to the application inspector component, disabling anti-exploit.

This component aims to foil zero-day and polymorphic malware by preventing malicious behaviors.
It prevents modification of sensitive file system and Registry areas, active processes, Windows services, and more. When it detects suspicious activity, it asks you, the user, to decide a course of action. You can allow the program, in which case it becomes trusted, with no limits. You can run it with sandbox-like restrictions. Or you can block it, in which case TrustPort kills the process.

I switched TrustPort to use the application inspector and repeated the test with old utilities.

The application inspector flagged six of them for various crimes, among them modifying a protected Registry location, using harmful access privileges, and more.

Two other utilities failed to function properly, with no notice from TrustPort. While both anti-exploit and application inspector flagged eight programs, only two programs got zinged by both.

It's possible to dig deep into settings and fine-tune the way these features work, but few users will go beyond the three basic settings.

The default silent anti-exploit mode does nothing.

The interactive anti-exploit mode blocks activity by some valid programs, and I couldn't end its popup cycle except by trusting the program.

And the application inspector also blocks valid programs, but in a different way.

After experiencing all three, I'm warming to the do-nothing option.

Extra Applications

The Extra Applications button on the main window looks tempting. What could these goodies be? Alas, the average user won't be able to make use of them. Who understands what it means to Prepare BartPE Plugin or to Prepare Windows PE CD?

In fact, both options aim to let you wipe out the most persistent malware by booting into an environment where the malware has no power.
If you dare to choose the BartPE option, TrustPort prompts you to select a folder and then announces that it successfully created the plugin. You're left to research BartPE on your own, and create a BartPE bootable disk including the plugin files.

If you choose instead to prepare a Windows PE CD, you'll find that you can't. Not without first downloading and installing Microsoft's Windows Automated Installation kit.

This just isn't something the average user will do.

Bitdefender Antivirus Plus 2017 handles this same problem so much better. You don't have to fiddle with creating a rescue disk at all. Just choose Rescue Mode and the system reboots into a non-Windows environment where Bitdefender is king. Kaspersky automates the process of creating a rescue disk, and Avira at least lets you download its rescue disk as an ISO file.

TrustPort needs to move away from the über-geeky BartPE and Windows PE solutions.

Not a Winner

With its new name and user interface, TrustPort Antivirus Sphere makes a good first impression. However, most of the antivirus testing labs ignore it, and it earned mediocre scores in our testing.

The anti-exploit component takes no action by default.
If you take it out of silent mode, it pops up warnings about both good and bad programs. Yes, it costs less than most competing products, but the best of those are worth paying more for.

From the many dozens of antivirus products available, we've identified five as our Editors' Choice products.

They are: Bitdefender Antivirus Plus, Kaspersky Anti-Virus, McAfee AntiVirus Plus, Symantec Norton AntiVirus Basic, and Webroot SecureAnywhere Antivirus.

Each has its own virtues.


Travel booking systems ‘wide open’ to abuse – report

Legacy travel booking systems disclose travellers’ private information, security researchers warn.

Travel bookings worldwide are maintained in a handful of Global Distributed Systems (GDS) built around mainframe computers linked to the web but without adequate security controls, say the researchers.

“The systems have since been interwoven with web services, but still lack several web security best practices,” according to researchers from German security firm Security Research Labs.

The three largest travel booking systems - Amadeus, Sabre, and Travelport - administer more than 90 per cent of flight reservations as well as numerous hotel, car, and other travel bookings.

All three systems use a booking code (aka PNR Locator, a 6-digit alphanumeric string such as 8EI29V) to access and change travellers’ information. This authenticator is printed on boarding passes and luggage tags. The firm claims anybody able to find or take a photo of the pass or tag can theoretically access the traveller’s information – including email address and phone number – through the GDS or an airline’s website.

Traveller information is also at risk of hacking because authentication strings can be vulnerable to brute-force attacks, say the researchers. Two of the three main GDSes assign booking codes sequentially, further shrinking the search space needed for a brute force attack. Airlines and GDS systems fail to block IP addresses after a large number of unsuccessful booking attempts, claims the firm.

“Given only passengers’ last names, their bookings codes can be found over the Internet with little effort,” the researchers conclude.

Obtaining a booking code opens the door to all manner of abuse, the researchers claim. The booking overview typically contains contact information such as phone number, email, postal address, travel dates and preferences, and often passport information.

Worse yet, most airlines allow flight changes - some even cancellations for a voucher - potentially allowing hackers to steal flight credits and travel for free. By changing the frequent flyer information in the booking, a fraudster can steal miles without taking any flights.

Lastly, knowing details of a booking that has just been made – which is possible in GDSes that use sequential booking codes – creates a launchpad for hackers to target travellers for social engineering, asking for their payment info or frequent traveller credentials, claims the firm.

El Reg invited Amadeus, Sabre, and Travelport to comment on the research. In a statement, Amadeus said it was reviewing the findings.

“Amadeus is assessing the findings of the research on travel industry security, and we have upgraded security to our own properties. We give the security of customer systems and data the highest priority and our systems and processes are under continuous review. We will take these findings into account and work together with our partners in the industry to address the issues that have been exposed here and seek solutions to potential problems.”

Travelport offered a generic statement (below) saying that it takes security seriously without commenting on the specifics of Security Research Labs’ research.

“Cyber security and the privacy of customer data are critical priorities for Travelport and an area in which we invest extensively in and lead in. As such, we make ongoing investments in our own systems, and also engage with the various industry bodies we participate in, to implement any changes recommended in support of the general digital travel booking ecosystem. In recognition of our focus in this area, earlier this year, we were the first GDS to be certified for ISO 27001 compliance, an industry standard acknowledging our commitment to responsibly manage both our data and that of our customers worldwide.”

We’ve yet to hear back from Sabre.

“Global booking systems have pioneered many technologies including cloud computing,” the researchers conclude. “Now is the time to add security best practices that other cloud users have long taken for granted.”

“In the short-term, all websites that allow access to traveller records should require proper brute-force protection in the form of CAPTCHAs and retry limits per IP address,” they add.

Details of the research were presented at the 33C3 conference last week, in a talk entitled Where in the World Is Carmen Sandiego?: Becoming a secret travel agent (slide deck, pdf). A 60-minute video of the presentation can be found here. ®