HBGary Releases Aurora Detection Tool (clean, fix, delete, remove malware)

Custom Search

Hack in The Box
TechAirlines
Wallpapers
Computer Forensics Boot Camp
Electricity Prices
Texas Electricity
Electricity Rates in Texas
Electric Companies in Texas
Experts Galaxy
NewsApp Portal

[Welcome to SCforum.info - Security [CENTRAL] Forum]

Welcome to SCforum.info - Security [CENTRAL] Forum, a home of the SCF Community devoted to provide Computer related News, Alerts, Downloads and FREE Help in such a way that even the novice computer user can understand.

Getting started using our community is extremely easy, check the two steps below:

Step 1: Create an account by clicking here and wait for approval from Administrator. It's completely free with no hidden strings attached.

Step 2: If you have a computer problem and need some help, or just want to take part in opened discussions, simply browse Forum. Once you *Register an account, you can quickly post your questions and comments.

(*Registered Members get: free support, also, they can communicate privately with other members via PM, removal of this message, see fewer ads and much more...)

[Samker]

Security vendor HBGary has released a free software tool that can remove "Aurora" malware, linked to corporate espionage at more than 30 companies: http://www.mcafee.com/us/threat_center/operation_aurora.html

Called the Aurora Inoculation Shot, this utility will remotely scan Windows machines over the network for signs of Aurora and can remove the malicious software as well: http://www.hbgary.com/products-services/inoculation-shot-aurora/
It uses the Windows Management Instrumentation services to carry out the inoculation.

Although Aurora has been linked to attacks on just 34 companies, the software has captured the attention of corporate executives, because some believe that is connected to a widespread industrial espionage campaign originating from China.

Last month, Google admitted that it had been hacked by Aurora software and the company's security team gained access to a command-and-control server that held data linking the attack to other major companies such as Adobe Systems and, according to reports, Symantec, Juniper Networks, Northrop Grumman and Dow Chemical.

Security experts have now identified a dozen other Aurora command-and-control servers that may be collecting data on other companies, but many of those servers are hosted by ISPs that have not cooperated with investigations.

At this point, experts are divided on whether Aurora is important because it represents a widespread campaign, possibly condoned or even sponsored by the Chinese government, or because Google took the unusual step of admitting that it had been hacked.

According to HBGary CEO Greg Hoglund, the Aurora malware is similar to many other programs that have been used by criminals for years now. "The Aurora stuff isn't that complicated," He said. "It smells like any other criminal malware that's out there."

Although Google made the Aurora hack a point of negotiation with the People's Republic of China, "there's no hard evidence anywhere that shows that China's government has anything to do with it," Hoglund said.

Despite all the attention Aurora has received, the problem "hasn't gone away," Hoglund added. "It's still out there and operating."

That's why HBGary has made the inoculation software available. The company has also released a report outlining what is publicly known about the malware. "We're the first ones to release a concise report that brings all the data to one spot," he said: http://www.hbgary.com/press/hbgary-threat-report-operation-aurora/

(PCW)