
Security Blog


April Fool's Joke Or WMD?

Posted By Pete at 3:18 PM, March 27, 2009

Remember the Kido (Conficker, Downadup) worm that has been talked about again and again on this blog (and on just about every other security Web site)? Well, just when you think things have settled down, its creators have made it bigger and badder. Variant "C" of the worm has recently hit the scene and features a variety of new tricks that make it harder to detect than ever before: it replicates itself into five different Windows system folders, registers dummy services, and modifies system access control settings.
What's worse, once it infects a PC, it does the following to make sure it is not easily removed:

• It prevents the host from contacting security vendor sites (no calling for outside help)
• It disables Windows security notifications and error reporting (you won't even know what hit you)
• It deletes system restore points and prevents booting into safe mode (no going back to better times)
• It cripples and deletes security-related processes on the infected machine (you can't even defend yourself)

Its domain-generation scheme has changed too. Previously, it randomly generated 250 domains a day and contacted 32 of them. That algorithm was cracked by security experts, which meant the day's domains could be predicted ahead of time and blocked or registered before the worm got to them. Variant C generates 50,000 domains a day and contacts 500 of those, chosen at random, so a defender would have to cover essentially all 50,000 every single day to keep it from phoning home. In practice that is nearly impossible.
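To make the 250-versus-50,000 point concrete, here is an added example (not code from the original post, and not the worm's real algorithm) of how a date-seeded domain-generation algorithm lets every bot and the operator agree on the same daily list with no communication, plus the arithmetic behind why sampling 500 of 50,000 is so hard to block. The seed, hash, TLD list and label lengths are assumptions picked for illustration; the real Conficker C algorithm differs in all of those details.

```python
"""Illustrative date-seeded domain-generation algorithm (DGA) and the
rendezvous arithmetic behind it.  Added example only: the seed, hash,
TLD set and label lengths are assumptions, not Conficker's real values."""
import hashlib
import random
from datetime import date

TLDS = ["com", "net", "org", "info", "biz"]   # assumption: illustrative TLD set
SEED = b"example-dga-seed"                    # assumption: secret baked into the binary


def dga_domains(day: date, count: int, seed: bytes = SEED) -> list[str]:
    """Derive the `count` candidate domains for `day`.

    The list depends only on (seed, date, index), so every bot and the
    operator compute the same list without talking to each other.  A
    defender who has reverse-engineered the algorithm can compute it too,
    a day ahead, which is what "cracking" the old variant amounted to.
    """
    domains = []
    for i in range(count):
        h = hashlib.sha256(seed + day.isoformat().encode() + i.to_bytes(4, "big")).digest()
        label_len = 8 + h[0] % 4                       # 8..11 lowercase letters
        label = "".join(chr(ord("a") + b % 26) for b in h[1:1 + label_len])
        tld = TLDS[h[-1] % len(TLDS)]
        domains.append(f"{label}.{tld}")
    return domains


def bot_contact_list(day: date, total: int, sample: int, rng_seed=None) -> list[str]:
    """The subset one bot actually queries on `day`: `sample` domains drawn
    at random from the day's `total` (500 of 50,000 for variant C)."""
    rng = random.Random(rng_seed)
    return rng.sample(dga_domains(day, total), sample)


def p_rendezvous(total: int, sample: int, registered: int) -> float:
    """Probability that one bot, querying `sample` random domains out of
    `total`, reaches at least one of the `registered` domains the operator
    controls.  Hypergeometric: 1 - P(every query misses)."""
    if registered <= 0:
        return 0.0
    if registered + sample > total:
        return 1.0  # pigeonhole: the bot cannot avoid a registered domain
    miss = 1.0
    for i in range(sample):
        miss *= (total - registered - i) / (total - i)
    return 1.0 - miss


def p_bot_fully_blocked(total: int, sample: int, blocked: int) -> float:
    """Probability that every domain a bot tries is among the `blocked`
    domains a defender managed to sinkhole or pre-register that day."""
    return 1.0 - p_rendezvous(total, sample, total - blocked)


if __name__ == "__main__":
    day = date(2009, 4, 1)
    print("first 3 of the day:", dga_domains(day, 3))
    print("one bot's picks:", bot_contact_list(day, 50000, 500, rng_seed=1)[:3], "...")
    # Old scheme: 250 domains, all predictable; registering all 250 stops every bot.
    print("old, defender blocks all 250:", p_bot_fully_blocked(250, 250, 250))
    # New scheme: even blocking 49,000 of 50,000 leaves almost every bot a way through.
    print("new, defender blocks 49,000 of 50,000:", p_bot_fully_blocked(50000, 500, 49000))
    # And the operator only needs one registered domain to reach ~1% of bots per day.
    print("new, operator registers 1 domain:", p_rendezvous(50000, 500, 1))
```

The numbers are the point: under the old scheme a defender who pre-registered all 250 domains shut the channel completely, while under the new one blocking 98% of the day's 50,000 still lets practically every bot through, and the operator needs only a single registered domain to reach about one in a hundred bots each day, which across millions of infected machines is plenty.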
Sounds bad? Well, the worst part is that the end is nowhere in sight. On April 1st, PCs infected by the worm will begin trying to download an additional payload (from where is still unknown, for the reasons mentioned above). What will that payload contain? More attack code? Additional ways to evade detection? No one knows for sure. But with over 15 million (and growing) infected nodes, this has the potential to get very ugly, very fast. In the meantime, remember to back up your critical data, patch and update your systems, use strong passwords, and hope for the best.

Categories: Malware
