
Security Blog


Recently in Viruses Category

Extended Wildlist Testing - Now a Standard of ICSA Labs

Posted By Jason at 5:11 PM, October 31, 2011

For the past two years, we at NETGEAR ProSecure have been advocating the need to ask "How well does my security system actually work?"


Multiple reports by third parties show that our systems are more effective at stopping threats than the others...

And now ICSA Labs' Anti-Virus certification program is testing not only the WildList (a database of real-world viruses considered harmful to PC users) but also the Extended WildList, which consists of additional malware, such as keyloggers and Trojans.

ProSecure has been using the Extended WildList for two years now, ahead of ICSA Labs.

Posted by: Jason at 5:11 PM
Categories: General , Malware , Viruses , Worms


Threat Lab Report: Troj.Downloader.JS.Agent.bgt

Posted By Netgear Threat Lab at 1:37 PM, November 6, 2009

Description of Report (Troj.Downloader.JS.Agent.bgt):

This malicious program exploits vulnerability CVE-2008-4699.
The Peachtree Accounting ActiveX control (PAWWeb11.ocx) with CLSID:2BCEAECE-6121-4E78-816C-8CD3121361B0 is prone to a remote code-execution vulnerability. The vulnerability is caused by the PAWWeb11.ocx ActiveX control exposing the insecure method "ExecutePreferredApplication()". By persuading a victim to visit a specially crafted Web page, an attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the user.

Affected Version: Peachtree Accounting 2004

Posted by: Netgear Threat Lab at 1:37 PM
Categories: Malware , Netgear Threat Lab , Viruses


AV-Test /Tolly Report: UTM Virus Detection Comparison

Posted By Pete at 5:05 PM, October 29, 2009

AV-Test.org and Tolly have released their UTM virus detection comparison report. In the report the ProSecure UTM10 was pitted against all-in-one solutions from Sonicwall, Fortinet, and Watchguard.

The test consisted of two parts:

1. Wildlist malware detection

[Figure: wildlist.png]

2. Zoo malware detection

[Figure: zoo.png]

The results really highlight the lack of emphasis on the "security" aspect of existing all-in-one solutions.

While we see a big emphasis being put on throughput, the truth is that throughput from existing multifunction firewalls is fine at our current WAN connection speeds, even with all security features enabled.

What you need is better protection.

And our ProSecure UTM was architected from the ground up to provide you just that.

You can download the full report here

Posted by: Pete at 5:05 PM
Categories: General , Malware , Viruses


Threat Lab Report: Troj.Downloader.JS.Agent.edg

Posted By Netgear Threat Lab at 5:28 PM, October 26, 2009

Description of Report (Troj.Downloader.JS.Agent.edg):

The Office OCX Word Viewer OCX ActiveX control with the CLSID:97AF4A45-49BE-4485-9F55-91AB40F288F2 is prone to a remote code-execution vulnerability. The vulnerability is caused by the insecure OpenWebFile() method. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to download arbitrary executable files to the victim's system and execute arbitrary code on the system with the privileges of the victim.

Affected Version: Office OCX Word Viewer OCX 3.2
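Both of the Threat Lab reports above describe the same pattern: a Web page instantiates an ActiveX control by CLSID and then calls one of its unsafe methods. A gateway or proxy can flag such pages before they reach a browser by matching the CLSID and method name. The following is an added example written for this page, not code from NETGEAR or the Threat Lab; the CLSIDs and method names are the ones quoted in the two reports, and the sample page is constructed for the demo.

```python
import re

# Vulnerable controls named in the two Threat Lab reports above:
# CLSID -> (control name, insecure method). Keys are uppercase so a
# case-insensitive match on the page can be looked up directly.
VULNERABLE_CONTROLS = {
    "2BCEAECE-6121-4E78-816C-8CD3121361B0": ("PAWWeb11.ocx", "ExecutePreferredApplication"),
    "97AF4A45-49BE-4485-9F55-91AB40F288F2": ("Office OCX Word Viewer OCX", "OpenWebFile"),
}

# Matches "clsid:XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" with or without braces,
# in any letter case, as used in <object classid="..."> attributes.
CLSID_RE = re.compile(
    r"clsid:\s*\{?([0-9A-F]{8}(?:-[0-9A-F]{4}){3}-[0-9A-F]{12})\}?", re.I
)


def scan_html(html):
    """Return one finding per vulnerable CLSID referenced in the page.

    A finding is 'high' severity when the page also contains a call to
    the control's insecure method, and 'medium' when only the CLSID is
    present (the control is instantiated but no unsafe call was seen).
    """
    findings = {}
    for match in CLSID_RE.finditer(html):
        clsid = match.group(1).upper()
        if clsid not in VULNERABLE_CONTROLS or clsid in findings:
            continue
        name, method = VULNERABLE_CONTROLS[clsid]
        # Look for "Method(" anywhere in the document, e.g. inside a <script>.
        called = re.search(r"\b" + re.escape(method) + r"\s*\(", html) is not None
        findings[clsid] = {
            "clsid": clsid,
            "control": name,
            "method": method,
            "method_called": called,
            "severity": "high" if called else "medium",
        }
    return list(findings.values())


# Constructed sample page (not a real capture): instantiates the Word Viewer
# control by CLSID and calls the method the report names, with a placeholder URL.
SAMPLE_PAGE = """<html><body>
<object classid="clsid:97af4a45-49be-4485-9f55-91ab40f288f2" id="v"></object>
<script>v.OpenWebFile("PLACEHOLDER-URL");</script>
</body></html>"""

# Constructed benign page: an unrelated CLSID, which must not be flagged.
BENIGN_PAGE = '<object classid="clsid:00000000-0000-0000-0000-000000000000"></object>'


if __name__ == "__main__":
    for finding in scan_html(SAMPLE_PAGE):
        print(finding)
    print("benign page findings:", scan_html(BENIGN_PAGE))
```

The CLSID match is the reliable signal: the method name alone appears in legitimate documentation, but a CLSID that belongs to a known-vulnerable control has no business on an arbitrary Web page. Matching the method call only raises the severity.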

Posted by: Netgear Threat Lab at 5:28 PM
Categories: Malware , Netgear Threat Lab , Viruses


ProSecure STM and UTM Hit 3 Million and 1 Million Malware Signatures Respectively

Posted By Pete at 12:43 AM, September 14, 2009

[Figure: exponential-growth.gif]

Nine months into 2009, and we've already seen record-setting growth in malware. This exponential growth does not look like it is going to stop any time soon. As the malware industry cranks out more malware, those of us in the security industry are busy keeping up so that networks all over the Internet can remain safe.

As of now, the STM has over 3 million malware signatures on the appliance, up from 1.6 million at the start of 2009.

On the other hand we have the UTM, now with over 1 million malware signatures, up from 600 thousand only half a year ago.

We pride ourselves on bringing the best malware (virus, spyware, adware, trojan, keylogger, rootkit, backdoor, etc.) protection to small and medium businesses and will continue to counter each and every threat that emerges on the Internet.

Posted by: Pete at 12:43 AM
Categories: General , Malware , Spyware , Viruses


New Adobe Flash Player Vulnerability

Posted By Pete at 10:45 AM, July 27, 2009

Just a heads up: there is a new Adobe Flash Player vulnerability (again).

An excerpt:

"A critical vulnerability exists in the current versions of Flash Player (v9.0.159.0 and v10.0.22.87) for Windows, Macintosh and Linux operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat v9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2009-1862) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild via limited, targeted attacks against Adobe Reader v9 on Windows."

There is currently no fix for it; however, the malware used to exploit it is detected as Exploit.SWF.Agent.bs in our malware library. According to Adobe, a fix should be available on July 31st.

Please proceed with caution when browsing unknown and shady-looking sites (especially links from spam!).

Posted by: Pete at 10:45 AM
Categories: Malware , Viruses


July 4th DDoS Attack Random Thoughts

Posted By Pete at 5:33 PM, July 24, 2009

[Figure: indepenceday_whitehouse_587x295.jpg]

Now that we've had some time to look back at the DDoS attacks on many of our government Web sites a couple of weeks ago, a few things are apparent:

1. Trojan.Win32.Agent.cper - This is a variant of the infamous MyDoom email worm. It was the worm that infected the 60,000+ PCs that were used in the attacks. MyDoom made its debut in 2004, that's right, more than years ago! Malware is malware; no matter how old, it is just as deadly. Protection against the wildlist alone is simply not enough.

2. This is a new form of warfare - On today's Internet, one can inflict massive damage on an enemy by attacking critical network infrastructure. We are only going to see more of this in the future.

3. If this is warfare, the zombie PCs in the botnet were essentially troops - An astonishing 60,000+ PCs were part of the botnet used to (unknowingly) attack US and South Korean sites.

4. Cyberweapons - Using the same analogy, malware authors are literally cyber arms manufacturers and dealers. Malware has gone commercial and has its own underground ecosystem to support it. Malware is bought and sold just like goods in real life. The more effective the malware, the more it's worth.

5. Secure the end point, secure the network - The government probably spends a lot of (taxpayer) money to secure its network assets; however, perhaps not enough emphasis has been put on securing the millions of PCs within the country. If the average computer user were better educated about computer security, bringing down the infection rate, wouldn't the bad guys have a lot less to work with?

Posted by: Pete at 5:33 PM
Categories: General , Malware , Viruses


Jason Leung on Computer Viruses Featured in Vertical Systems Reseller

Posted By Pete at 11:35 AM, July 20, 2009

NETGEAR ProSecure's Senior Product Line Manager Jason Leung's article on computer viruses was featured in Vertical Systems Reseller. In the article Jason explains how viruses, both biological and computer-borne, have similar characteristics in the way they propagate and mutate. He then goes into the best approach to take to protect your network from these types of threats.

[Figure: article.jpg]

You can read the entire article here.

Posted by: Pete at 11:35 AM
Categories: General , Malware , Viruses


The Future of Cyber Warfare is Here - US and South Korean Government Web Sites Attacked

Posted By Pete at 2:53 PM, July 10, 2009

[Figure: cyberwarfare.jpg]

Over the past week, many US government Web sites such as the White House and Department of Defense, plus a handful of well-known commercial sites like Amazon.com, as well as well-known sites in South Korea, have been under siege from waves of Denial-of-Service (DoS) attacks. The attacks first started to emerge on July 4th with varying degrees of success. Some sites, such as the Treasury Department and Federal Trade Commission, were shut down, while others did not experience any interruption in service. Since then, there have been multiple waves of similar attacks, creating more chaos amongst many US and South Korean sites. There have been some reports of the attacks having North Korean origins; however, they are unconfirmed.

Security researchers have estimated that a botnet of approximately 60,000 compromised PCs carried out the attacks. Those PCs were infected with an updated version of the MyDoom virus. What's even more interesting is that the virus downloads additional payloads, one of which is a file that causes the infected PC to self-destruct. Reports of PCs used in the attacks self-destructing have already begun to surface. The attacker(s) might be doing this to cover their tracks. With so many under-protected PCs throughout the world, there are only going to be more such incidents. We'll continue to follow these events as they unfold in the coming days.

The following US Web sites were hit:

  • travel.state.gov
  • www.amazon.com
  • www.dhs.gov
  • www.dot.gov
  • www.nasdaq.com
  • www.nsa.gov
  • www.nyse.com
  • www.state.gov
  • www.whitehouse.gov
  • finance.yahoo.com
  • www.washingtonpost.com
  • www.yahoo.com
  • www.ftc.gov
  • www.ustreas.gov
  • www.faa.gov
  • www.usbank.com
  • www.usps.gov
  • www.voa.gov
  • www.voanews.com
  • www.usauctionslive.com
  • www.defenselink.mil
  • www.marketwatch.com
  • www.site-by-site.com

Posted by: Pete at 2:53 PM
Categories: General , Malware , Viruses


Threat Lab Report: Social Networking Twitter Spam on the Rise

Posted By Netgear Threat Lab at 2:19 PM, July 2, 2009

[Figure: twitterspam.png]

The adoption of social networking has spread like wildfire over the past few years. It has become a mainstay as one of the major activities people participate in when on the Internet. However, at the same time, its popularity has attracted the attention of malware authors and other cyber criminals. After using Facebook and MySpace as a means to spread malware, they have now turned their attention to Twitter. A new virus utilizing Twitter has caught our eye.

This new Twitter virus does not use "tweets" to spread; instead, it is another type of email-spam-based phishing attack. The bait this time is the trust users place in official invitation emails from Twitter itself.

The user will receive an invitation email from invitations@twitter.com with the subject "Your friend invited you to twitter!". The contents of this email are identical to real invitations from Twitter with one exception: the invitation URL in the email is fake and does not lead to the Twitter Web site. Instead, it is a link to an Invitation Card.zip file. This zip file contains the virus Trojan.Win32.Buzus.anee. This virus infects Explorer.exe and will, at the instruction of its creator, download more malware onto the infected desktop.

With more and more people utilizing social networks as part of their everyday lives, attacks that exploit these social networks will only become more common. The next time you receive a tweet or an app invite on Facebook, look twice before you click.
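The tell in the campaign above is that the message looks exactly like a real Twitter invitation but its link points somewhere other than twitter.com, at a .zip file. That mismatch between the claimed sender and the link destination is something a mail filter can check mechanically. The following is an added example written for this page, not the Threat Lab's own code; the two sample messages are constructed (the phishing one uses the reserved example.invalid domain as a placeholder for whatever host the real campaign used).

```python
import re
from email import message_from_string
from urllib.parse import urlparse

# Sender and hosts a genuine Twitter invitation is expected to use (assumption
# for this example, based on the sender address quoted in the report above).
CLAIMED_SENDER = "invitations@twitter.com"
LEGIT_HOSTS = {"twitter.com", "www.twitter.com"}
RISKY_EXTENSIONS = (".zip", ".exe", ".scr", ".rar")

URL_RE = re.compile(r"https?://[^\s\"'<>]+")


def _text_parts(msg):
    """Yield the text of every text/plain or text/html part of a message."""
    if msg.is_multipart():
        for part in msg.walk():
            if part.get_content_type() in ("text/plain", "text/html"):
                raw = part.get_payload(decode=True) or b""
                yield raw.decode(part.get_content_charset() or "utf-8", "replace")
    else:
        yield msg.get_payload()


def check_invitation(raw_message):
    """Return a list of (url, reasons) for suspicious links in a message
    that claims to be a Twitter invitation; an empty list means no finding.

    Messages not claiming to come from CLAIMED_SENDER are out of scope and
    return an empty list as well.
    """
    msg = message_from_string(raw_message)
    sender = (msg.get("From") or "").lower()
    if CLAIMED_SENDER not in sender:
        return []
    findings = []
    for text in _text_parts(msg):
        for url in URL_RE.findall(text):
            reasons = []
            parsed = urlparse(url)
            host = (parsed.hostname or "").lower()
            if host not in LEGIT_HOSTS:
                reasons.append("link host %r does not match claimed sender domain" % host)
            if parsed.path.lower().endswith(RISKY_EXTENSIONS):
                reasons.append("link points to an archive or executable")
            if reasons:
                findings.append((url, reasons))
    return findings


# Constructed sample: same sender and subject as the report, fake link to a zip.
PHISHING_SAMPLE = """From: Twitter <invitations@twitter.com>
To: victim@example.com
Subject: Your friend invited you to twitter!
Content-Type: text/plain

Your friend has invited you to join Twitter.
Click to accept the invitation: http://example.invalid/Invitation%20Card.zip
"""

# Constructed sample: a message whose link actually goes to twitter.com.
LEGIT_SAMPLE = """From: Twitter <invitations@twitter.com>
To: user@example.com
Subject: Your friend invited you to twitter!
Content-Type: text/plain

Your friend has invited you to join Twitter.
Click to accept the invitation: https://twitter.com/i/PLACEHOLDER
"""


if __name__ == "__main__":
    for url, reasons in check_invitation(PHISHING_SAMPLE):
        print("SUSPICIOUS:", url, "->", "; ".join(reasons))
    print("legit sample findings:", check_invitation(LEGIT_SAMPLE))
```

The sender address is trivially forged, so it is only used here to decide which policy applies; the verdict rests on where the links actually go, which the attacker cannot disguise without giving up the payload.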

Posted by: Netgear Threat Lab at 2:19 PM
Categories: Malware , Netgear Threat Lab , Phishing , Spam , Viruses

