Worm.com

Symantec Corp. (NASDAQ: SYMC) today announced
it has been granted a new patent for antivirus technology by the United
States Patent and Trademark Office. Symantec was granted U.S. patent
number 6,971,019 for histogram-based malicious code detection technology
that accelerates the detection of complex threats and security risks,
including viruses, worms, Trojan horses, blended threats, spyware, and
adware.

Histogram-based malicious code detection is a fundamental antivirus
technology employed throughout Symantec’s portfolio of antivirus solutions
at the desktop, server, and gateway to protect both consumers and
enterprises. Carey Nachenberg, Symantec Fellow and chief architect with
Symantec Research Labs, developed and patented the technology. This marks
the seventeenth patent awarded to Nachenberg since 1997 in the field of
information security.

“With this patent, Symantec continues to set the standard in the
information security space for innovating new technology that is
fundamental for protecting individuals and businesses alike from today’s
cyber threats,” said Mark Bregman, chief technology officer, Symantec.
“The enormous diversity of our technology portfolio, including this patent,
puts us in a unique position to offer our customers a broad range of
security and availability solutions tailored to fit their specific needs.”

“Histogram-based malicious code detection is one of the most effective and
efficient ways of solving the problem of complex threat detection,” said
Nachenberg. “Without this technology, it would be extremely difficult to
identify such threats without also significantly impacting performance.”

Malicious code typically has one or more behaviors or instructions that
identify it as a specific strain of threat. Histogram-based malicious code
detection technology uses a prioritized count of various behaviors and
instructions to identify code moving across a system or a network and more
quickly determine whether a threat is or is not present.

Symantec maintains a diverse portfolio of intellectual property such as
copyrights, trademarks, trade secrets, and technological expertise. In
particular, Symantec frequently applies for patents in the United States
and internationally to protect its inventions. Symantec currently owns
more than 200 patents in a variety of areas, including antivirus, intrusion
detection/prevention, firewall, security and software management, storage
and imaging, software distribution, compression/encryption, anti-spam,
anti-spyware, and virtual private network security.

About Symantec

Symantec is the world leader in providing solutions to help individuals and
enterprises assure the security, availability, and integrity of their
information. Headquartered in Cupertino, Calif., Symantec has operations
in more than 40 countries. More information is available at
www.symantec.com.

NOTE TO EDITORS: If you would like additional information on Symantec
Corporation and its products, please view the Symantec Press Center at
http://www.symantec.com/PressCenter/ on Symantec’s Web site. All prices
noted are in US dollars and are valid only in the United States.

Symantec, the Symantec logo, VERITAS, and the VERITAS logo are trademarks
or registered trademarks of Symantec Corporation or its affiliates in the
United States and certain other countries. Additional company and product
names may be trademarks or registered trademarks of the individual
companies and are respectfully acknowledged.

CONTACT:

Cris Paden
Symantec Corporation
408/517-8547
cpaden@symantec.com

Mike Bradshaw
Connect Public Relations
801/373-7888
mikeb@connectpr.com

Information provided by: Findarticles.com

Byline: Debora MacKenzie

Dec 13, 2005 (New Scientist - ABIX via COMTEX) — Viruses that make mistakes when they copy their DNA or RNA are more dangerous than other viruses. The RNA polymerase enzymes are particularly prone to making copying mistakes. A team of scientists at the

University of California, US, led by Raul Andino, showed experimentally that viruses that have different characteristics are more …

Read the rest of this article with a Free Trial at HighBeam Research.

Information provided by: Findarticles.com

34 Kansas counties saw cases of virus</p>

ON THE NET

Kansas Department of Health and Environment

www.kdheks.gov

The Capital-Journal

Twenty-two Kansans contracted the West Nile virus this year, according to Kansas Department of Health and Environment records.

KDHE reported Thursday that the 2005 West Nile virus season ended with the recent freezing weather, but not before the virus was found in 34 Kansas counties, including Shawnee, Douglas, Johnson, Marshall, Wyandotte and Wabaunsee.

A death on Oct. 14 in the southwest part of the state was attributed to the virus, according to KDHE.

The first case was reported in mid-May, when a Douglas County man became the first person in the United States to contract the virus. The second case in the state wasn’t found until a Rice County man was detected with it in mid-July.

Dr. Howard Rodenberg, state health director at KDHE, said the season was “effectively over” by Dec. 1.

“West Nile virus season continues until mosquitoes become dormant after the earliest frosts and the beginning of cold weather,” he said.

He said KDHE usually calls the season over after at least two hard freezes.

KDHE detected positive mosquito pools and horse cases throughout the state, including the northeast Kansas counties of Wabaunsee, Johnson and Marshall.

KDHE reported that about 20 percent of those infected with the virus show symptoms, which typically begin three to 15 days after a mosquito bite.

Most of those infected show no or mild symptoms. Because the symptoms aren’t specific to West Nile virus, only laboratory tests can confirm a diagnosis.

Last year in Kansas, 37 residents were believed to have been infected with the virus, two of whom died from it.

Copyright 2005
Provided by ProQuest Information and Learning Company. All rights Reserved.

Information provided by: Findarticles.com

AsiaInfo Services

12-08-2005

Kingsoft and Rising Released New Antivirus Software Versions

BEIJING, Dec 08, 2005 (SinoCast via COMTEX) — Kingsoft Co., Ltd. and Rising Tech Co., Ltd., China’s two leading anti-virus software providers, released their latest anti-virus software versions for 2006 on December 6.

Kingsoft Antivirus 2006 will upgrade its virus base for at least 17 times each week, said Lei Jun, president of Kingsoft.

Rising Antivirus 2006 launched online expert clinic, which the Antivirus 2005 does not offer.

Rising Antivirus 2006 is also released globally in four …

Read the rest of this article with a Free Trial at HighBeam Research.

Information provided by: Findarticles.com

Byline: Matt Brown

Dec 08, 2005 (Time Australia - ABIX via COMTEX) — Fortinet Incorporated’s Ken Xie helped pioneer a new approach to firewalls, after

noticing software-based firewalls slowed down networks. Netscreen, which was founded by Xie in 1997, was eventually acquired by Jupiter Networks, providing Xie with the venture capital needed to found Fortinet in the year 2000. Over the years to 2005, Fortinet developed the FortiGate system,

which "bounces" out "rogue operators" before they can …

Read the rest of this article with a Free Trial at HighBeam Research.

Information provided by: Findarticles.com

On World AIDS Day, December 1, advocates once again remember those lost. This year, however, researchers in Belgium are predicting an end to the losing. Writing in the October 15 edition of the journal AIDS, a team of Belgian scientists said that as the AIDS virus mutates to thwart the body’s immune system, it is slowly losing its ability to kill. Such viral weakening could mean an end to HIV-related deaths within 50 to 60 years, they said.

Other AIDS experts, however, cautioned that HIV could remain virulent for hundreds of years. Viral weakening is "a very slow process," warned Marco Vitoria, an AIDS expert at the World Health Organization, "to be measured not in years but in generations."

For coverage of World AIDS Day and other health-related news, go to www.advocate.com.

COPYRIGHT 2005 Liberation Publications, Inc.
COPYRIGHT 2005 Gale Group

Information provided by: Findarticles.com

Reigning World Superbike champion Troy Corser was forced to settle for an uncharacteristic second best when the final test of 2005 concluded at Qatar today - but it was illness rather than a lack of speed that defeated him.

The Alstare Suzuki Corona Extra rider had been fastest on both day one and day two, but was denied the chance to defend his position - and try qualifying tyres - after a stomach virus ruled him out of riding.

The Australian came to the track hoping to at least ride in the afternoon, but was in obvious discomfort and so he and the team decided it would be safer not to ride. In his absence, countryman Troy Bayliss eventually knocked Corser from the top - by just 0.04secs on race tyres, and then by 0.57secs with the aid of qualifying rubber.

“It was disappointing not to ride today, because I felt sure …

Information provided by: Findarticles.com

TECHNOLOGY RESEARCH NEWS

One way to curb computer viruses is to beat them at their own game.

Researchers from Hebrew University and Tel Aviv University in Israel and the Institute for Scientific Interchange (ISI) in Italy have showed that a good way to defeat computer viruses is to make immunization software that spreads like viruses.

The researchers’ scheme uses traps, dubbed honey pots, that are spread across the Internet and become infected as a virus spreads. The traps analyze the virus, generate immunization software and spread the immunization code across the network. …

Read the rest of this article with a Free Trial at HighBeam Research.

Information provided by: Findarticles.com

The best way to stop an epidemic might be to start one. That’s the gist of a new strategy against computer viruses that was just unveiled by Israeli researchers. In their theoretical approach, when a computer network detects a new virus, it launches an internal counter-epidemic of self-propagating, protective messages. Upon receiving such a message, an uncontaminated computer immunizes itself against the virus.

If the new method proves practical, it could give rise to network-based mechanisms-perhaps covering the entire Internet–for containing viruses, says codeveloper Eran Shir of Tel Aviv University in Ramat Aviv. Those mechanisms might replace today’s ponderous practice of keeping equipment safe by regularly downloading antivirus software.

"This is a great and very innovative proposal that has the potential to change our computer-virus-fighting strategies" comments network specialist Albert-Laszlo Barabaisi of Harvard University and the University of Notre Dame in Indiana.

In the new scheme, proposed in the December Nature Physics, network designers would scatter "honeypots" throughout a network. These are computers secretly armed with software that can trap and identify new viruses, then rapidly generate and broadcast the means to lock out the intruders. The protective message would fan out among the computers on links that only the antiviral mechanism could use.

According to simulations by the Israeli team, severely limiting the virus’ spread in a network would require relatively few honeypots. For instance, in a simulated 200,000-computer network with one honeypot for every 250 computers, the virus would infect less than 1 percent of the computers, Shir says. Moreover, he notes, the larger the model network, the smaller the proportion of computers that the virus could overrun.

The idea of self-immunizing networks isn’t new, says physicist Jeffrey O. Kephart of IBM T.J. Watson Research Center in Yorktown Heights, N.Y. Starting in the 1990s, he and his colleagues have developed self-protective network architectures and software. Those fully automatic setups capture and analyze a virus and generate an antidote to it within minutes.

What’s most innovative about the honeypot scheme, Kephart says, is the shadow network that would transmit the immunizing messages. Those extra links could be as simple as a set of special e-mail addresses. They would enable the epidemic of immunization messages to take place "behind enemy lines," Shir says, and thereby gain the upper hand.

"I really think this paper is highly valuable," says Alessandro Vespignani of Indiana University in Bloomington. By introducing the idea of manipulating the network topology to improve antiviral response, "it’s opening a different way of thinking," he says.

Could hackers commandeer the shadow network? Shir says that protective technologies already available, such as encryption methods widely used for financial transactions on the Web, make that unlikely.

Still, says Dietrich Stauffer of the University of Cologne in Germany, "past experience shows … that new defenses can be broken by new weapons. I expect [the new technique] to help, but not to solve, the problem of viruses."

COPYRIGHT 2005 Science Service, Inc.
COPYRIGHT 2005 Gale Group

Information provided by: Findarticles.com

Passatempo virus was isolated during a zoonotic outbreak. Biologic features and molecular characterization of hemagglutinin, thymidine kinase, and vaccinia growth factor genes suggested a vaccinia virus infection, which strengthens the idea of the reemergence and circulation of vaccinia virus in Brazil. Molecular polymorphisms indicated that Passatempo virus is a different isolate.

**********

Since 1999, an increasing number of exanthemous outbreaks affecting dairy cattle and cow milkers in Brazil have been reported (1-3). These outbreaks were related to poxvirus infections, which resulted in economic losses to farmers and affected the health of humans and animals. Here we report a vaccinia virus (VACV) outbreak that emerged in March 2003 in the town of Passa-Tempo, Minas Gerais State, Brazil.

The Study

The outbreak area is characterized by small rural properties with diverse crops, pasturelands, and surrounding fragments of Atlantic Forest. Its climate is tropical, with a relatively severe dry season, generally from April to September (4).

All dairy farms were similar, consisting of a main house with corrals and pasture fields generally with unsophisticated infrastructure. All milking was manually performed by milkers, typically without strict aseptic measures, which could have contributed to the spread of the virus among the herd and milkers. Cows exhibited lesions on teats and udders that resembled the clinical features observed during other Brazilian VACV outbreaks (1). Initial acute lesions were associated with a roseolar erythema with localized edema that led to the formation of vesicles. The vesicles rapidly progressed to papules and pustules, which subsequently ruptured and suppurated. Typically, a thick dark scab followed, but the formation of large areas of ulceration was also common. The course of infection lasted from 3 to 4 weeks. Different stages of lesions were present, ranging from papules to vesicles, pustules, and crusts (Figure 1). Moreover, because of secondary infections, some cows had mastiffs (Figure 1). Calves became infected, showing lesions on oral mucosa and muzzles (Figure 1). Several infected milkers reported lesions on their hands, which were apparently transmitted by unprotected contact with sick cattle (Figure 1). In addition, infected persons reported severe headache, backache, lymphadenopathy, and high fever.

[FIGURE 1 OMITTED]

For virus isolation, crusts were collected from 5 cows and 1 calf, macerated, and added to the chorioallantoic membrane of embryonated eggs (2). The whitish pockmarks produced on chorioallantoic membranes resembled VACV pocks, differing from the red hemorrhagic ones produced by cowpox virus (CPXV) (online Appendix Figure 1; available at http://www.cdc.gov/ncidod/EID/ vol11no12/05-0773_appl.htm). Blood from affected animals was collected for neutralization assays (5). Serologic cross-reactivity of antibodies to VACV-Western Reserve (WR) strain was detected in all samples, and titers of these serum samples were [greater than or equal to] 640 U/mL (data not shown).

Transmission electron microscopy of isolates (6) showed a morphologic pattern typical of orthopoxviruses (online Appendix Figure 2; available at http://www.cdc. gov/ncidod/EID/vol11no12/05-0773_app2.htm). No A-type inclusion body (ATI) was seen, reinforcing the conclusion that this virus was likely not a CPXV, but a VACV. Viral DNAs were extracted (6) and used as template for ati gene restriction fragment length polymorphism (RFLP) analysis (7). The ati RFLP patterns of all isolates were identical to those of Aracatuba virus (ARAV) (1) and other VACV strains previously isolated in our laboratory (unpub. data); they were similar to those of VACV-WR and completely different from those of CPXV-Brighton Red (BR) (online Appendix Figure 3; available at http://www. cdc.gov/ncidod/EID/vol11no12/05-0773_app3.htm). Since all isolates showed the same ati RFLP pattern, one was cloned, purified, titrated (1,6), and named Passatempo virus (PSTV).

[FIGURES 2-3 OMITTED]

To better identify this etiologic agent, ha, tk, and vgf genes were amplified by polymerase chain reaction with Taq polymerase (Promega, Madison, WI, USA) (6,8,9). Amplicons were cloned into pGEM-T vector (Promega). Three clones were sequenced 3 times in both orientations by the dideoxy method, using M13 universal primers and ET Dynamic Terminator for MegaBACE (GE Healthcare, Fairfield, CT, USA). The nucleotide (nt) sequences of ha, tk, and vgf were assembled by using the CAP3 Sequence Assembling Program (10) and deposited in GenBank under accession numbers DQ070848, DQ085461, and DQ085462, respectively. The sequences and inferred amino acid sequences were aligned with those of orthopoxviruses by using the ClustalW 1.6 program (11).

PSTV ha gene sequence was compared to those of ARAV, Cantagalo virus (CTGV) (1,2), VACV-WR, CPXV-BR, VACV Instituto Oswaldo Cruz (VACV-IOC), and VACV Lister (VACV-LST). VACV-IOC and VACV-LST are vaccine strains used in the Brazilian smallpox eradication program (2,6). The PSTV ha gene sequences presented the same 18-nt deletion found in ARAV, CTGV, and VACV-IOC and shared more similarities to ARAV and CTGV homologous sequences. Additionally, 8 amino acid substitutions were unique to PSTV, ARAV, and CTGV. Since this characteristic was not observed in the vaccine strains, an independent origin is suggested. Moreover, PSTV HA differs from that of ARAV and CTGV by 1 and 2 amino acid substitutions, respectively (online Appendix Figure 4; available at http://www.cdc.gov/ncidod/ EID/vol11no12/05-0773_app4.htm). The percentage of identity between ha, tk, and vgf nucleotide sequences and inferred amino acid sequences of PSTV with CPXV-BR and other VACV strains are presented in the Table. For the tk gene that is highly conserved among VACV, the PSTV nucleotide sequence had 100% identity to ARAV, VACV-LST, and VACV-WR homologous sequences. Additionally, PSTV vgf gene had a 3-nt deletion, corresponding to nt 7,669-7,671 of VACV-WR, causing the loss of 1 isoleucine in a stretch of 4 found in the ARAV and VACV-WR VGF sequences (Appendix Figure 4). PSTV VGF also exhibited 2 amino acid substitutions when compared to ARAV VGF sequences.

Information provided by: Findarticles.com