ReadWriteWeb

A new study from research firm Forrester shows that consumer attitudes towards Internet security are significantly changing. Consumers are now more aware of cyber security and are taking more steps to protect themselves on the Web. At the same time, consumers are gravitating to a select group of security vendors with freeware products dominating the industry.

Forrester used data from its Technographics survey over 16 major world markets to note that users are indeed more savvy about the threats to their computers and what they can do about it. The benefactors are the major players in security, most of which have been operating since the mid-1990s, when the first criminal hacker scare and spam started to weed into the mind share of the Internet populace. Norton, AVG, McAfee were the leaders then and are the leaders now. Yet, the vendors are seeing a lot more churn, with consumers dividing brand loyalty among several different products and suites from the major vendors. Have you become more cognizant of Web security in the last couple of years? What kind of products are you using to protect yourself on the Internet?

Recently, we have talked a lot about how hackers can use social networks to get users to download malicious software to their computers. The most effective way for viruses to spread, however, is still email and the "Here you have" email worm that is currently making the rounds makes it abundantly clear that most users are still not able to spot and protect themselves from these threads. The email, which has already affected the networks of major organizations like Comcast, NASA and Wells Fargo, comes with the subject line "Here you have" or "Just For you" and includes and appears to include a link to a PDF file.

NSS Labs has released its latest report: Endpoint Protection Product Group Test Report: Host Intrusion Prevention. As in its recent socially engineered malware protection test, AVG and Panda received "caution" ratings from NSS for their respective enterprise endpoint protection products. Enterprise products from Norman and NSS president Rick Moy's former employer ESET also received "caution" ratings. Norman's anti-malware appliance, however, was recently certified by NSS.

The study examined security products' ability to prevent client-side exploits - attacks that take advantage of vulnerabilities in software such as Adobe Reader or Web browsers. Operation Aurora, which hit Google and many other major companies late last year, is an example of such an exploit.

The final version of Opera 10.60, in addition to running 50% faster than the earlier version, will have AVG security features built in, according to the company's PR chief, Thomas Ford.

Integrated AVG Web Threat Data Feed offers 10.60 following security functions.

• Exploit signatures detect Web pages serving drive‐by downloads
• AVG Online shield detects viruses delivered via social engineering scams
• Reputation lists identify consistently malicious domains and URLs
• Contextual analysis exposes attempts to trick users into installing malware via social engineering scams

This week NSS Labs released their Q2 2010 Corporate Endpoint Protection Products report. NSS has only publicly announced the two products it specifically recommends against: Panda's Internet Security 2010 (Enterprise) and AVG's Internet Security Business Edition 9. However, it takes only a quick look at Trend Micro's web site to guess how NSS rated Office Scan (hint: very well). Some vendors have protested NSS's ratings in the past, but like it or not NSS is changing the way security testing is conducted.

The latest outbreaks of Twitter and Facebook worms have once again shown that while antivirus and malware protection often focuses on dealing with threats once they have already landed on a user's computer, proactive protection is really the way to go on the net. The paid and free versions AVG 9, which launched today, include an enhanced link scanner that can handle shortened URLs and analyze a site in real time.