Anti Virus

Debate: The evasiveness of Flame may have been what prevented

The evasiveness of Flame may have been what prevented traditional AV technology from catching it sooner.

Spy virus Flame got help from doctored Microsoft certificates

Illegitimately signed Microsoft certificates were used to help spread the nefarious Flame malware, another sign of just how sophisticated the espionage toolkit is.

The "caught red-handed" league

There's a certain amount of tension between testers and vendors from time to time, even in the rarified atmosphere of an AMTSO workshop.

Security vendors can no longer ignore patch management

While AV software derails a lot of potentially harmful attacks, it is only one component of a comprehensive security solution.

Microsoft issues workaround for Duqu malware

Microsoft issued a temporary fix for a vulnerability in the Windows kernel used to spread Duqu, the so-called "son of Stuxnet" trojan.

Duqu underscores trouble AV industry has in stopping threats

The slowness with which an offspring of Stuxnet was discovered may be further proof that attackers have a significant leg up on the security community.

Microsoft Windows 8 will ship with built-in anti-virus

Microsoft may face challenges from anti-virus rivals after announcing this week that the next version of Windows will come with built-in AV protection.

Shadow boxing

AV detection performance comparison is a can of worms (and trojans, and viruses, and bots...).

Ten years later, still the same malware?

Malware gangs can always pick up some low-hanging fruit by doing drive-bys on older computers.

Magic Lantern: Shining a light on the AV numbers game?

No anti-virus product worth its salt uses the "one malicious program, one signature" model today.

CIPAV: Spy(ware) versus Spy(ware)

Good viruses and trojans? Legal malware? Does (or should) AV detect the FBI's spyware?

Is malware on the decline, or is evasion on the rise?

While some studies point to a decrease in malware, that is more of an indication that virus writers are getting better at hiding their wares.

Samsung laptops dubbed clean after false alarm

A researcher mistakenly identified a legitimate folder on Samsung laptops as a keylogger program.

Supporters club

We all know about fake anti-virus, but fake support desk scammers are also making loads of money.

Poachers and gamekeepers

Anti-virus companies and active malware research: a conflict of interest?

Debate: Free anti-virus software is as effective in protecting users as a paid solution

Free anti-virus software is as effective in protecting users as a paid solution.

Microsoft tool unable to detect new versions of Zeus

Though a Microsoft tool detects and prevents Zeus infections, its success rate may be limited, according to researchers at a security firm.

Trojan found disguised as Microsoft anti-virus product

A trojan masquerading as the anti-virus product Microsoft Security Essentials attempts to trick users into installing a rogue security program, according to researchers at anti-virus firm F-Secure.

Is the advanced persistent threat something new?

Jerry Dixon, the former head of US-CERT, will examine the truth behind one of 2010's biggest IT security buzzwords when he speaks at next month's SC World Congress.

The shadowy world of the advanced persistent threat and botnets

Botnets have evolved into full-fledged criminal enterprises, and those organizations that take the threat lightly will be the ones paying in the end.

Malware disguised as IME file appears

Attackers are spreading a trojan by leveraging a Windows application that lets users type complex characters and symbols, such as foreign-language letters. The trojan cloaks itself as a Windows Input Method Editor (IME) file, researchers at Websense said in a Monday blog post. Once installed, it disables anti-virus (AV) processes that may be running on the target machine, in addition to deleting any AV executable files that have been installed. — DK

Application whitelisting: Interview with Paul Paget, president and CEO of Savant Protection

Paul Paget, president and CEO of Savant Protection, discusses how whitelisting is evolving as a viable alternative to traditional anti-virus defenses. In an interview with SC Magazine's Angela Moscaritolo, Paget also responds to the criticisms he often hears about whitelisting.

Why malware wins the host race

A noted security researcher explains how sophisticated malware is created to elevate privileges on behalf of an attacker so security controls, such as anti-virus, can be disabled.

Avenging host: The impact of virtualization on network security

Virtualization is quickly transforming the IT landscape, but some organizations may have overlooked the security ramifications it presents.

Sophos sells majority stake to private equity group

A private equity firm on Tuesday purchased a majority interest of Sophos, which recently dropped plans to IPO, for $830 million.

McAfee error wreaks havoc on corporate systems

A flawed McAfee update caused computers around the world to become stuck in an endless cycle of reboots.

Flawed McAfee update cripples corporate PCs

A flawed update for McAfee VirusScan Enterprise took down an unknown number of corporate systems running Windows XP Service Pack 3 on Wednesday. According to reports, the faulty update caused affected computers to display an error message or a blue screen and to repeatedly reboot. "McAfee is aware that a number of corporate customers may have incurred a false positive error due to incorrect malware alerts," McAfee said in a statement. "The faulty update was quickly removed from all McAfee download servers, preventing any further impact on customers." The security giant apologized for the blunder and issued a fix. It is unknown how many users were affected by the glitch. — AM

Venting our security anger

In this month's "Five Stages of Employment" column, the author illustrates the things that get her blood boiling when it comes to information security.

Rootkit to blame for Windows fix resulting in blue screen

Microsoft has concluded that PCs displaying the "blue screen of death" when trying to install a February patch contain a rootkit.

Microsoft discloses zero-day IE flaw used in China attacks

The organized and well-resourced cybercriminals who compromised systems at Google, Adobe and more than 30 other large companies used a previously unknown, zero-day Internet Explorer exploit as part of their arsenal to install data-stealing malware on target machines, researchers at McAfee revealed Thursday.
