Fortune companies wouldn't be infected if they had comodo

http://tech.yahoo.com/news/pcworld/20090521/tc_pcworld/confickerstillinfecting50000pcsperday

If you don’t want to click on the link, here you go:

The Conficker worm is still infecting systems at a brisk rate and continues to snag computers in Fortune 1000 companies, according to security researchers.

The worm is infecting about 50,000 new PCs each day, according to researchers at Symantec, who reported Wednesday that the U.S., Brazil and India have been hit the hardest… “Much of the media hype seems to have died down around Conficker/Downadup, but it is still out there spreading far and wide,” Symantec said in a blog post.

Conficker began spreading late last year, taking advantage of a recently patched flaw in Microsoft’s Windows operating system to infect entire networks and also using removable storage devices to hop from PC to PC. Security experts say it has now infected millions of computers worldwide, which now comprise the world’s biggest botnet network.

“We can see that companies that spend literally millions of dollars on equipment and gear to prevent infections … these Fortune companies have had this infection and it’s stayed in their networks for a long period of time,” said Rick Wesson, CEO of Support Intelligence and a member of the Conficker Working Group. “It’s really hard and really expensive, and if the Fortune companies can’t stop it, how can you expect small businesses to do it?”

The Working Group has set up so-called sinkhole servers that can communicate with infected machines. It has spotted infections within many Fortune 1000 companies, Wesson said. “Everybody got hit,” he said. “Even Microsoft still has infections.”

The worm got a lot of media attention in late March, and while the news stories have tapered off, the worm isn’t going anywhere.

Some worried that an April 1 change in the way Conficker received updates could mark the beginning of a new round of Internet attacks, but in reality the Conficker network has been only lightly used, security experts say.

“It’s still a significant botnet. It hasn’t done anything of significance, but it has not gone away,” said Andre DiMino, cofounder of The Shadowserver Foundation and a member of the Working Group. “The remediations need to ramp up.”

“This thing is not dead,” he added. “Everyone has kind of passed it over, but it’s not dead.”

Maybe this is a good time to tell the Fortune companies that Comodo would have solved the problem; in fact, they didn’t have to change anything to defend against Conficker. Maybe more companies will now be using Comodo.

I think everyone should be using CIS. It’s better than other paid products, it’s simple and low on resources and most importantly it’s FREE and with no catch.

I don’t know if companies must pay because of commercial use, but I’m sure they prefer paying to getting infected.


I was thinking about sending a letter to a ceo :slight_smile:

They could also use OpenDNS. By default they block access to domains known to spread conficker.

OpenDNS is good :slight_smile: It also keeps my friend’s brother from surfing porn sites. Now he has to resort to getting a girlfriend :slight_smile: LOL

I wonder what the CEOs at Wall Street use :o or what the US Marshals that just recently got infected were using at the time (based on Yahoo news).

Fortune 500 companies don’t have the time to deal with all of the false positives in the AV.

Lol that’s a point.

Wow Perfect Post

+1

Comodo, even with the signatures, is getting too many FPs. I will only start using Comodo again when they start to analyse their samples better.

Keep heuristics at the default low setting and there are no FPs.

In an enterprise environment they don’t even need an AV with CIS.

Why?

Because they will lock down PCs to only a limited number of applications. Unlike the consumer’s PC, in an Enterprise PC the sys admins do NOT want the employees to install any applications. So the only time where AV might be useful in a Default Deny system is the user’s action (e.g. allowing an alert by mistake), which means AV is not required for Enterprise Systems in a default deny configuration. The sys admin will deal with all the new apps, not the employee.

So CIS is the perfect solution for Enterprises as it will prevent malware and prevent employees introducing applications that they are not supposed to and cut down support issues as well as licensing issues.

Melih

This right here gentlemen is GOLD.

This is exactly how I use CIS (v3.13). No AV, no frills, just D+ = just total lockdown of the PC. I’ve this config on my, my sister’s and my dad’s laptops.

Now if only I could convince my dad’s company (500,000+ employees, 80,000+ PCs) to run this approach. ;D
By the way, they use “eScan”. :stuck_out_tongue:

Whoever the CIO in that company is must think about the liability he is putting the company in, as well as his personal liability.

Melih

CIO = chief investment officer??

I think the IT guys are lazy and don’t want to think/work too much. Just buy an AV solution, install and you’re done. Pretty scary. Though they do use a proxy and all that. All PCs are running admin. 88)

The deal is, he works for the Government (3rd world country) and they don’t use the PC for anything. It’s all paper files and all that … so I guess it’s not that bad. ;D

I think a lot of corporates here in my country are unaware of the default deny approach, most of them still rely on the AV … stupid, but what to do… :stuck_out_tongue:

One of which would be a browser, thereby providing the revolving entry door for malware. :wink:

Chief Information Officer

Just curious. How many enterprise customers does Comodo have now?

I Strongly believed in the POWER of CIS since the FIREWALL alone in the past years.
I’m PLANNING to SEND a LETTER to the #1 2G and 3G Cell Site Network & WIRELESS BROADBAND Provider here in the Philippines. Many of my Friends are using Full CIS now associated with MBAM, SAS, SPYBOT and A-SQUARED.


Now if only i could convince my dad's company (500,000+ employees, 80,000+ PC's) to run this approach. By the way, they use "eScan".

Show him this site: http://www.matousec.com/projects/proactive-security-challenge/results.php

Explain to your dad that it would be cheaper and more secure. Also, the IT departments are AGAINST it because it’ll require more work to switch and install a more secured network with Comodo (IT departments will create any excuse not to do it because they’re lazy). After they install Comodo, they can go back to being lazy again.