Malware Outbreak Beats Most AV's

See this:

http://www.theregister.co.uk/2007/11/10/india_times_under_attack/

If you are not paranoid now, you will be after you read this. Sounds like signature based AV's are not enough without HIPS or behavorial analysis. I wonder how ScanSafe does their detections.

 

Nothing is enough.

Lol, why not? Lets test the nasties. Where is the link?

 

Just another example why people who're really concerned about security don't rely on AVs.

 

I know the IndiaTimes site well enough; it is a pretty easy site to access; but I am not linking. It is indeed a holiday in India.....I could comment a few things on IndiaTimes' response, but that would turn into what would be considered as bashing and flaming. Suffice to say that I'll be surprised if they cut their holiday short like Mary Landesman expects

Meanwhile I would urge people to avoid the website at least until Tuesday

 

Marketing at its best.
.

um...is she who recommended trendmicro and mcafee as 'best buy' in the past, isn't she?

 

Here is another wild story:

http://hardware.slashdot.org/article.pl?sid=07/11/11/2246246

New hard drives were found to have malware preinstalled, possibly a targeted attack by Chinese spies! OMG

 

Hardy har har. Does anyone really buy that.

Ignorance is the root of fear, and it looks like some people are nothing short of paranoid.

 

A few more details here about the IndiaTimes.com attack.

 

I am not surprised. China is unfortunately nr.1 in stealth malware.

 

Thanks. Next time when I buy a new harddisk, I will zero it first, especially when it's "Made in Taiwan".

 

Hi, folks:

Just a bit geography/history refresh tips; Hard disks widely discussed here and on other cybermedia are made in THAILAND, then traced back to CHINA, infected merchandises are discovered in TAIWAN. These three nations are not the same one. Hard Disk made in Taiwan is no longer profitably possible. They may produce (OEM) high-end chips there. Hard Disk , DVDs and Cd's alike are now massively rolled out in low-paid-labour countries, and perhaps in sweat shops (if air conditioned). Thought to clarify some confusion here. Besides, China/Taiwan is very touchy political issues, rather not to talk about it here. Take care.

 

Thailand, my packet filter found several times crypted chars that could have its origin from Thailand.

 

Does not everyone reformat every new drive immediately?

 

Unwashed masses!!!



//

 

Thought most people here knew that
Not to mention a locked down browser to stop malicious scripts

Most people (especially those vulnerable to malware, the less techy people) expect harddrives to be clean with absolutely nothing on it seeing as it just came out of the factory.

 

No matter how noble AV's have become and in spite of all their good and vigilant efforts, they simply cannot match up in the same manner as HIPS and that should long already become evident for them by now.

The KEY is to not so much pile up the signature databases but do like HIPS and go straight to the heart of the matter, the operating system code itself. HIPS make great use of SUSPENDING files that signal an action and thus afford the user a fighting chance to keep potential malware/viruses from attaching to the core code of the operating/file system.

This is indeed a great breakthrough and advance like none like it ever before and this is very evident seeing that AV's are now implimenting their own forms of behavioral suspension themselves, but i venture to conclude that sandboxes and/or virtual apps are even a better step ahead of the malware threat by virtue of establishing a containment area where apps/files cannot DIRECTLY write or affect a system in such a duplicate but artificial environment and IMO, the trend of the future for best security against such risks.