Tuesday, June 22, 2010

“Antivirus vendors can't deal with security threats” plus 3 more



Antivirus vendors can't deal with security threats

Posted: 21 Jun 2010 03:01 AM PDT

AN INSECURITY FIRM claims that the antivirus software vendors can't keep up with the explosion in malware.

NSS Labs says that it takes an average of two days to block a website designed to attack a computer visiting it.

The outfit tested security software suites against a raft of fresh malware out in the wild on the Internet and found that the results should be a major wake-up call for the industry.

NSS Labs does independent security software testing and does not take cash for performing the tests.

President Rick Moy said that NSS developed a test that mimics how average people browse the world wide web. The test found a number of malicious websites and then visited them with a web browser. The software recorded how and when various security software products blocked the threats.

He said that enterprises were most at risk from freshly customized malware. Security vendors do share malware samples, but if no company sees or detects the malware, it can quietly circulate and potentially infect machines, stealing data.

More than 50,000 new malicious programs are detected every day, the report said. The implication of NSS Labs' findings is that if the industry can't keep up there will be some serious trouble. µ

 

Five Filters featured article: Headshot - Propaganda, State Religion and the Attack On the Gaza Peace Flotilla. Available tools: PDF Newspaper, Full Text RSS, Term Extraction.

Antivirus software often misses new malware

Posted: 21 Jun 2010 02:27 AM PDT

New research has further confirmed the difficulties security software companies are having keeping up with an explosion in malicious software programs on the Internet.

Security software from major vendors can take an average of two days to block a website designed to attack a computer visiting it, according to the latest report from NSS Labs, which tested security software suites against fresh malware released on the Internet.

"The magnitude of these findings should be nothing short of an alarming wake-up call for the security industry," according to the report.


NSS Labs does independent security software testing. Unlike many other testing companies, it does not accept money from vendors for performing the tests, a stance that the company's president Rick Moy says results in more accurate evaluations.

NSS Labs developed a test that mimics how average people browse the Web, finding potentially malicious Web sites and then visiting them with a Web browser. They then record how and when - or if at all - security software blocks the threats. The latest test was run 24 hours a day for nine days.

"We've done testing like the bad guys do," Moy said. "If you're not testing like the bad guys, what's the point? We go out to the live Internet and find out what is circulating on malicious campaigns in real time."

Enterprises are most at threat from fresh customized malware. Security companies share malware samples, but if no company sees or detects the malware, it could quietly circulate and potentially infect machines, stealing data. Even if it is undetected for only a short period of time, that is still enough of a window to infect a corporate network. As many as 50,000 new malicious programs are detected every day.

NSS Labs has chosen to reveal the worst-performing vendors of the 10 products they tested. NSS Labs puts the suites in three categories: "recommend," which means a product performed well and should be used in an enterprise; "neutral," which means a product performed reasonably well and should continue to be used if it is already in use; and "caution," which means the product had poor test results and organizations using it should review their security posture.

NSS Labs rated AVG's Internet Security Business Edition and Panda Security's Internet Security as "caution." The full results are contained in NSS Labs' report, "Endpoint Protection Products Group Test Report, Socially-Engineered Malware," which costs US$495. Also covered in the report are Eset, F-Secure, Kaspersky, McAfee, Norman, Sophos, Symantec, Trend Micro.

Some security software vendors employ reputation systems in order to detect a malicious Web site, which usually involves checking a database of blacklisted Web sites. Those systems, however, are not widely used and are immature, NSS Labs said. Overall, it took vendors an average of 45.8 hours to block a site, if it was blocked at all, according to the report.

If a software suite did not block a bad Web site the first time, the researchers continued to test the site against the software every eight hours to see how long it took the vendor to add protection. Times ranged from 4.62 hours for the best performing vendor to 71.01 hours for AVG and 92.48 hours for Panda.

Block rates varied depending on how long the malicious website had been active. The researchers have a "zero-hour" criterion, which checks whether the software can stop newly found sites. The results aren't great. The best vendor was able to block new sites only 60.6 percent of the time. At the bottom end, AVG, Panda and Eset's software could do that less than 44 percent of the time.

Moy said security companies could make vast improvements in their ability to detect brand-new malware. For consumers and enterprises, buying the brand that takes out the largest ad space doesn't necessarily equate to better security, he said.

Up to one-third of security software contracts change hands every year. "Enterprises are definitely dissatisfied with the protection," Moy said. "They're looking around."

Send news tips and comments to jeremy_kirk@idg.com


MacOS gets antivirus update

Posted: 21 Jun 2010 11:07 AM PDT

Has Apple heard the security wake-up call?

With its 10.6.4 release of the Snow Leopard operating system, the company is now embedding code to detect a new and specific malware attack on the OS. The discovery was made by Sophos, which said that buried deep in the update was a fix that could detect an attack called Pinhead-B, which tricks users into using a phony version of iPhoto that installs a Trojan horse on the computer.

Sophos found additional code in the MacOS "Xprotect" file, a rudimentary list of malicious programs that have targeted the computer in the past. It's a small list: Apple's update to this file nearly doubles its size, but it's still a mere 5.1KB.

Two things of note here: Unfortunately, this anti-malware system is so basic that it is not really an effective attack deterrent. In fact, as Sophos notes, there are still a lot of threats that target MacOS that the system doesn't protect against, and a more advanced form of anti-malware protection is probably called for.

The other issue is that Apple didn't disclose these updates in the 10.6.4 release. Sure, it's a minor tweak — protecting against a single malware attack — but it's curious that Apple didn't even mention it in its release notes. Is this a case of it not being worth the ink to write about, or is Apple simply embarrassed that it's not the iron vault of security that it pretends to be?

I'm happy Apple is taking steps — even halting ones — to address security issues. But the sooner the company comes to terms with the fact that all computer systems can be compromised — and makes clear that it is doing all it can to remedy the situation — the better.

Christopher Null is a technology writer for Yahoo! News.


 


Marketwatch: Threats Create Opportunities

Posted: 21 Jun 2010 09:23 PM PDT

Credit: Courtesy of Motorola

A decade ago, a company looking to secure its computer systems would have purchased antivirus software, a firewall, and perhaps an intrusion detection system. Today, the growing variety of attacks has given rise to nearly 70 different security niches, including markets for firewalls that specifically protect Web-based applications and for systems that prevent data loss across an enterprise. Meanwhile, each submarket is getting increasingly complex. In 2009 one of the biggest security companies, Symantec, generated 2.9 million separate signatures, or digital patterns associated with malicious software--an increase of 71 percent over the previous year.

In response to this complexity, larger security firms have acquired many smaller firms. According to the 451 Group, an analysis firm, Symantec has spent $2.7 billion in the past three years to scoop up 10 companies, including the e-mail protection firm MessageLabs and the encryption provider PGP. McAfee acquired seven companies, including e-mail security firm MX Logic, for $1.1 billion during the same period. But the market remains fragmented: last year the top five security software companies accounted for 47 percent of the industry's revenues, down from 55 percent in 2007, according to the IT research company Gartner.

The labyrinth of modern security creates opportunities for companies offering managed security and cloud-based services. For example, experts from IBM or SecureWorks will, for a monthly fee, monitor a business's firewall logs, manage intrusion detection systems, block spam, and protect Web-based applications from malicious traffic. These kinds of services are getting more popular--especially cloud-based systems, which require no on-site hardware. A quarter of firms now outsource their e-mail filtering, and that number could grow to more than a third this year, according to Forrester Research.


The growing number of devices that connect to the Internet, from smart phones to electricity meters, creates yet another expanding market for security firms. In the past year, several rudimentary malicious programs have targeted iPhones and Android-based phones, and security researchers have released proof-of-concept programs, such as mobile botnets, that can take over mobile devices. Firms such as Lookout and Zenprise are already helping consumers and companies lock down their phones against the possibility of such attacks. Traditional antivirus firms are targeting this market as well. The market in security software for mobile devices is predicted to reach $4 billion by 2014, according to ABI Research.

