The evasiveness of Flame may have been what prevented traditional AV technology from catching it sooner.
Illegitimately signed Microsoft certificates were used to help spread the nefarious Flame malware, another sign detailing just how sophisticated the espionage toolkit is.
March 28, 2012
There's a certain amount of tension between testers and vendors from time to time, even in the rarified atmosphere of an AMTSO workshop.
While AV software derails a lot of potentially harmful attacks, it is only one component of a comprehensive security solution.
Microsoft issued a temporary fix for a vulnerability in the Windows kernel used to spread Duqu, the so-called "son of Stuxnet" trojan.
The slowness by which an offspring of Stuxnet was discovered may be further proof that attackers have a significant leg up on the security community.
Microsoft may face challenges from anti-virus rivals after announcing this week that the next version of Windows will come with built-in AV protection.
AV detection performance comparison is a can of worms (and trojans, and viruses, and bots...).
Malware gangs can always pick up some low-hanging fruit by doing drive-bys on older computers.
No anti-virus product worth its salt uses the "one malicious program, one signature" model today.
Good viruses and trojans? Legal malware? Does (or should) AV detect the FBI's spyware?
April 26, 2011
While some studies point to a decrease in malware, that is more of an indication that virus writers are getting better at hiding their wares.
A researcher mistakenly identified a legitimate folder on Samsung laptops as a keylogger program.
We all know about fake anti-virus, but fake support desk scammers are also making loads of money.
Anti-virus companies and active malware research: a conflict of interest?
Free anti-virus software is as effective in protecting users as a paid solution.
Though a Microsoft tool detects and prevents Zeus infections, its success rate may be limited, according to researchers at a security firm.
A trojan masquerading as the anti-virus product Microsoft Security Essentials attempts to trick users into installing a rogue security program, according to researchers at anti-virus firm F-Secure.
October 20, 2010
Jerry Dixon, the former head of US-CERT, will examine the truth behind one of 2010's biggest IT security buzzwords when he speaks at next month's SC World Congress.
July 15, 2010
Botnets have evolved into full-fledged criminal enterprises, and those organizations that take the threat lightly will be the ones paying in the end.
Attackers are spreading a trojan by leveraging a Windows application that lets users type complex characters and symbols, such as a foreign language letters. The trojan cloaks itself as a Windows Input Method Editor (IME) file, researchers at Websense said in a Monday blog post. Once installed, it disables anti-virus (AV) processes that may be running on the target machine, in addition to deleting any AV executable files that have been installed. — DK
Paul Paget, president and CEO of Savant Protection, discusses how whitelisting is evolving as a viable alternative to traditional anti-virus defenses. In an interview with SC Magazine's Angela Moscaritolo, Paget also responds to the criticisms he often hears about whitelisting.
June 15, 2010
A noted security researcher explains how sophisticated malware is created to elevate privileges on behalf of an attacker so security controls, such as anti-virus, can be disabled.
May 10, 2010
Virtualization is quickly transforming the IT landscape, but some organizations may have overlooked the security ramifications it presents.
A private equity firm on Tuesday purchased a majority interest of Sophos, which recently dropped plans to IPO, for $830 million.
A flawed McAfee update caused computers around the world to become stuck in an endless cycle of reboots.
A flawed update for McAfee VirusScan Enterprise took down an unknown number of corporate systems running Windows XP Service Pack 3 on Wednesday. According to reports, the faulty update caused affected computers to display an error message or a blue screen and to repeatedly reboot. "McAfee is aware that a number of corporate customers may have incurred a false positive error due to incorrect malware alerts," McAfee said in a statement. "The faulty update was quickly removed from all McAfee download servers, preventing any further impact on customers." The security giant apologized for the blunder and issued a fix. It is unknown how many users were affected by the glitch. — AM
April 19, 2010
In this month's "Five Stages of Employment" column, the author illustrates the things that get her blood boiling when it comes to information security.
Microsoft has concluded that PCs displaying the "blue screen of death" when trying to install a February patch contain a rootkit.
The organized and well-resourced cybercriminals who compromised systems at Google, Adobe and more than 30 other large companies used a previously unknown, zero-day Internet Explorer exploit as part of their arsenal to install data-stealing malware on target machines, researchers at McAfee revealed Thursday.
