Bitdefender Total Security 2013 Review and License Giveaway!

Take one of the best anti-virus products out there and integrate a ton of client and online security add-ins and what do you have? Bitdefender Total Security 2013!

Again this year, Bitdefender has provided Cyberarms a review copy of its latest Total Security product for us to put through the wringer, and again it did not disappoint.

Okay, I am not going to spend a lot of time covering the antivirus engine this year. We covered the 2012 version and it received top marks. Even PC Mag gave Bitdefender’s Antivirus Plus 2013 its Editor’s Choice Award. This year I want to spend more time covering some of the new and updated features.

I will say though that the 2013 release seems just as robust against malware and phishing attempts, and better in some circumstances. In testing, 2013 correctly detected some compressed exploit files from a security conference that were in a huge zipped compilation. The drive was scanned with 2012 and the files were not detected.

Actually, Bitdefender anti-virus is the bane of my security research existence. 🙂

Let me explain.

I use Bitdefender on a couple of dual-purpose machines that are also used for security research.

I have to uninstall (not turn off!) Bitdefender from these machines when I play with Backtrack 5 and the Metasploit Framework. No matter how many times I encode or pack a malicious payload with Metasploit, Bitdefender catches and blocks it. And this is with Backtrack running in a virtual machine. Even with active scanning and the firewall service turned off, it still identifies and quarantines the payload. I have to completely uninstall Bitdefender from the machines to be able to perform Metasploit mayhem with them.

My only qualm about the anti-virus is that it seems to take a very long time to perform a full scan. But I usually set the scan engine to aggressive and scan every file.

The Anti-Virus engine is excellent; let’s move on.

Administrator Control Panel

One of the first things you will notice, if you are logged in as an administrator, is the control panel interface. The red “x” means that there is an issue that should be taken care of right away.

In this instance, the virus update had not been run in several days.

Simply clicking on the center of the control panel shows you what the issue is and how to remedy it.

The number in red tells you that there are events that should be reviewed, and how many there are to check.

Firewall activity – Displays a bar graph of Firewall activity. If you click on the Firewall Activity button, you can modify firewall settings, change rules or check network activity. They also have a pretty nifty “Paranoid Mode” that allows you to view every communication attempt with the option to either block or allow. This could be handy if you are investigating a possible breach in progress or monitoring strange communications.

Scanner Activity – The progress bar on the right side of the control panel shows scanning progress. Clicking on the scanner activity button allows you to view and modify anti-virus settings.

What is great is that if you have a suspicious file or folder, you can just drag and drop it on the control panel and Bitdefender will scan it for you.

If there are no issues or event news, the control panel will look like this:

Finally, clicking on the ID Badge at the bottom will take you to the My Bitdefender page.

My Bitdefender

Apart from malware and e-mail phishing attempts, identity theft and social engineering attempts through social media sites are top targets for the cyber criminal.

Twitter and Facebook protection are included in Total Security 2013. Just run through the quick setup in each and Bitdefender protection is extended to these social media programs. Incoming links from these sites are scanned for threats. Setup is fairly quick, and like all Bitdefender applets, it runs silently in the background.

Safebox brings Dropbox-like features to Bitdefender. You get 2GB of free encrypted cloud storage included. It is very easy to create new folders, upload data and share files with other PCs or mobile devices. It even gives you a Windows-like Recycle Bin in case you delete a file and change your mind.

SafePay

What a great idea: whenever you go to do secure online banking transactions, Bitdefender drops you into a barricaded session that protects your wireless session if you are on Wi-Fi and provides a virtual keyboard to protect your input from being sniffed by hackers.

Though an incredible idea, I did have problems with this. When your computer enters this protected Safepay session, you enter a sandboxed browser. Getting back out of it though, to check an account validation e-mail for example, was not very intuitive.

Once I exited the sandboxed session to get my validation e-mail so I could log in, it created a new session with my banking provider, so I would have needed another validation e-mail.

Though not perfect, this is a huge move in the right direction, especially for PC users that need to use public networks for banking or shopping.

Mobile Anti-Theft

Another cool new feature: Bitdefender allows you to view the location of your PC or mobile device, and gives you the option of remotely locking it or even wiping it. After installing the Anti-Theft app, the location of your device shows up on a Google map. Though not completely accurate for a PC without GPS (my computer showed up about a mile away from my house), this could be very handy for locating lost or stolen mobile devices.

Conclusion

This was just a quick look at some of Bitdefender Total Security’s features. There are several others that I did not mention. If you want one of the best anti-malware solutions loaded with extra security features, one that doesn’t inundate you with pop-up warnings and messages, look no further than Bitdefender Total Security 2013!

GIVEAWAY

Want a chance to win a license for a full copy of Total Security 2013? Cyberarms, in conjunction with Bitdefender, is giving away 5 licenses of the award-winning software. Simply share a link to this review on your favorite social media site. Then place a copy of the link in the comments field below. Winners will be chosen at random in two weeks (August 9th) from links in the comments section.

Don’t want to wait? Why not try out Bitdefender’s excellent protection now? Go to Bitdefender’s website and click the “Try it FREE” link to download a time-limited trial.

*** The contest is now over, congrats to our winners! ***

Bitdefender 2012 Internet Security Suite Review & Total Security 2012 Giveaway

I was recently asked by Bitdefender to check out their latest version of Bitdefender Internet Security Suite 2012. They provided a couple of copies of the software and I ran it through the paces. The results were very impressive.

Installation was very clean and simple. Once installed I quickly fell in love with the Auto Pilot mode.

One of the biggest complaints that I have heard over the years from users is how complicated internet security suites are to operate. I have fielded countless calls from co-workers and family members alike saying, “My anti-virus is asking me to do something, what should I click?” or “It found a virus, which option should I choose?”

Auto Pilot mode takes away the confusing questions, sets the software to default levels and runs silently with very little user interaction.

But what if you like “getting under the hood” and tweaking your settings? Bitdefender does not disappoint. When I dug into the settings from the control panel, I found a plethora of options and features that I could modify.

Sure you can set the Anti-Virus and Anti-Spam engine to modes ranging from permissive to aggressive. Or modify firewall rules and enable the Intrusion Detection System. But it was the vulnerability scanner that really caught my attention.

Let’s be honest with each other: what are the biggest problems with securing PCs? Having an anti-virus and firewall alone will not completely protect you. You have to have your Windows patches installed, applications need to be kept up to date and you have to use secure passwords.

Bitdefender’s vulnerability scanner does just that. It checks for Windows updates and allows you to install them right from its console. It also checks some key applications that you have installed for updates and checks your user passwords for length and complexity.

Okay, it is packed with features, but how well does it do under attack?

Exceptional actually, it detected every test virus that I tried to run.

On an infected PDF that it could not clean, it gave two options: “Take the proper action” or “Take no action”. Clicking the first option successfully quarantined the virus. No confusing questions or options here.

The anti-phishing and malicious website protection was stellar. Numerous times Bitdefender displayed a large “Stop” warning page when trying to surf to questionable sites. And Bitdefender was the only anti-virus that I have seen yet to successfully stop the malicious Java script attack from Backtrack 5’s Social Engineering Toolkit.

Bitdefender Internet Security Suite 2012 does seem to draw a lot of resources, especially when everything is turned on and the scanners are set to aggressive. Also, doing a full system scan seemed to take an extended amount of time.

But personally I would rather have the extra level of protection provided with aggressive scanning. Bitdefender also offers a “quick-scan” option that interestingly uses the power of the cloud to scan key files in memory.

I was very impressed with Bitdefender Internet Security Suite 2012 and highly recommend it.

Want a chance to win a license of the full-blown Total Security 2012?

Total Security has all the great features of the Internet Security version but adds file shredding & encryption, system tune-up and secure online backup. Bitdefender has graciously offered 5 licenses of the software (for a single user, on a single computer, for one year) as a giveaway.

For a chance to win one, simply download the trial version, share your thoughts on the trial version here, on your blog, Twitter, or even Bitdefender’s Facebook page, then share the link to it in the comment section below and get a chance to win the full product.

*** UPDATE – The giveaway is now over and the winners have been notified. Thank you very much for making this such a success!

Why Anti-Virus can’t Protect you from all Viruses

Very frequently I get asked, “Why didn’t (Insert your favorite AV program here) stop the virus from infecting my computer?” Well, the simple answer is, it was created to bypass it.

People writing exploits know that they must get their virus past Anti-Virus. They also know that most Anti-Virus and intrusion detection programs base protection on signature matching. So they obfuscate their code to bypass it.

At first, hackers found that adding random text strings to the beginning of old, already detected viruses allowed them to bypass scanners. They would actually cut and paste readme.txt files to the beginning of the exploit. Anti-virus makers have figured this out and adjusted their scanning tactics.
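The difference between the two scanning tactics, shown as an added illustration (not code from any anti-virus product): a whole-file hash or a header-only check loses the match once text is prepended, while a byte-pattern search at any offset does not. The marker bytes, detection name and sample files are harmless constructed stand-ins.

```python
import hashlib

# Constructed, harmless stand-in for an already-detected file (not real malware).
MARKER = b"\x90\x90HARMLESS-TEST-MARKER\xcc\xcc"
KNOWN_SAMPLE = b"HEADER" + MARKER + b"TRAILER"

# Two ways a scanner might record the same detection (names are hypothetical).
HASH_SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "Test.Sample.A"}
PATTERN_SIGNATURES = {MARKER: "Test.Sample.A"}


def scan_by_hash(data):
    """Match the digest of the whole file; any changed byte breaks the match."""
    return HASH_SIGNATURES.get(hashlib.sha256(data).hexdigest())


def scan_by_pattern(data):
    """Search for a characteristic byte run at any offset in the file."""
    for pattern, name in PATTERN_SIGNATURES.items():
        if pattern in data:
            return name
    return None


def scan_header_only(data, window=64):
    """Pattern scan limited to the first `window` bytes, as a speed shortcut."""
    return scan_by_pattern(data[:window])


def compare_scanners():
    """Run all three scanners over constructed sample files."""
    readme = b"README: thanks for installing this program.\r\n" * 4
    files = {
        "original": KNOWN_SAMPLE,
        "readme-prepended": readme + KNOWN_SAMPLE,
        "clean": readme,
    }
    return {
        label: (scan_by_hash(d), scan_header_only(d), scan_by_pattern(d))
        for label, d in files.items()
    }


if __name__ == "__main__":
    for label, verdicts in compare_scanners().items():
        print(f"{label:18} hash={verdicts[0]} header={verdicts[1]} full={verdicts[2]}")
```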

Now, most hackers will use an encoding program to modify the exploit code. Several exist, but one of the best I have seen is Shikata_ga_nai. The name comes from a Japanese phrase that literally means “Nothing can be done about it.”

These take the exploit code and modify it so it looks completely different to an anti-virus scanner or an intrusion detection system. Sometimes once through the encoder is not enough to trick a strong scanner, so the programs allow for multiple encoding passes.

I have never seen any anti-virus detect an exploit code that has been passed through Shikata_ga_nai more than twice.

When encoding malware, it is common for a hacker to upload the encoded exploit file to a site like VirusTotal to check it against multiple anti-virus signature bases to see if it would be detected. If the website scanners do not detect the virus, they know they have a pretty good chance of sneaking it past the real thing.

In actuality, many “state of the art” botnets are simply recreations of older ones that have been updated and encoded. Many large corporations have given up depending on anti-virus and intrusion detection systems to stop these threats and instead believe that Network Security Monitoring (NSM) is the answer.

NSM is basically recording all traffic and looking for suspicious patterns. If you want to learn more, Richard Bejtlich talks about this subject in depth in his book “The Tao of Network Security Monitoring”. Bejtlich is a security expert, author, presenter and the head of GE’s IT security response team.

Many of the modern advanced threats easily bypass anti-virus and then download other viruses onto your machine, usually spammer-type viruses. The modern threat creators sometimes actually get paid by spammers to download these additional threats to your system.

This is why you usually don’t get a single virus, but multiple infections when you get a newer virus. And this is why cleaning up viruses in a machine with multiple infections may be a waste of time. Your anti-virus cleaner may not even see the root cause, only the other malware it downloaded.

So when the other ones are cleaned off, the advanced threat checks, sees them missing and simply downloads them again. You could spend hours trying to get these off, and you may never get the root cause.

Most corporate policy nowadays is if your machine gets infected and a single pass of anti-virus cleanup doesn’t get it off, they will just wipe the machine and restore from backup. Some will not even bother with cleanup, seeing that it got past the anti-virus in the first place, and they just wipe and re-install.

Unfortunately, malware has become big business for hackers. Anti-virus alone cannot protect corporate networks, and additional steps must be taken.

SUPERAntiSpyware Review

The good folks at SUPERAntiSpyware gave me a free copy of their Professional version software quite a while back. Honestly, I was hesitant to try it.

There are so many anti-spyware programs out there now, and some are actually viruses, so I just wasn’t interested.

I did a quick search on the product and found that even though PCMag gave it only a fair rating, the users of the product gave it an excellent rating. I was intrigued.

I installed it right beside my PC Tools Spyware Doctor with Anti-virus. If you have been following my blog for a while, then you know that I am a strong PC Tools backer. When I was in the corporate world, it was what I found that cleaned virus infected machines that were protected by the “Big Two” anti-virus companies. And I have stuck with it ever since.

Here is what I found out about SUPERAntiSpyware. It installs quickly and is not a resource hog. In my opinion, it is better at discovering spyware-related threats than PC Tools, as on my machine it discovered many adware-type items that PC Tools passed over. Also, it found a spyware virus in one of my computer security utilities, which PC Tools again said was okay. And let’s not forget that it was one of the few programs that could detect the USB shortcut vulnerability.

This brings to mind that you need to be really cautious downloading computer security tools. Make sure you download them from the creator and check the hash to make sure that what you got is what the creator intended and not something that a hacker uploaded.

I like SUPERAntiSpyware; it scans fast and is not obtrusive. My only complaint is the small splash screen that comes up every time I boot my PC. Sure, it tells you that the product is active, I just don’t like it.

Overall I am very happy with SUPERAntiSpyware and plan on keeping it running beside my PC Tools Spyware Doctor. They have been running a special on their Professional Version with Lifetime Updates for $19.95. If you are looking for an anti-spyware solution, check it out!