Sunday, February 14, 2010

Case study: undetected malware


In this case study from The George Washington University, researchers Sara Laughlin and Matthew Wollenweber released their work on previously undetected malware, unknown to most antivirus products, which they discovered via their IDS and then proceeded to analyze:
On January 7th, 2010 GWU ISS Security identified a potential threat by a signature alert on a network sensor. Later analysis confirmed a security threat not currently detected by most antivirus products. This report details how the malware was detected and the analysis of the threat. Additionally, we hope this informs readers of a current threat.
This report underscores how antivirus products, while a critical part of any computer's security, are insufficient by themselves, and inherently incomplete as a reactive solution.

I applaud the good work from the researchers, and even more, the fact they took the time to write and to release this report. These are barely ever public, and they earned my respect.

You can read the complete article here:
http://www.cyberwart.com/blog/2010/01/09/undetected-malware-case-study-jan2010-01/

Gadi Evron,
ge@linuxbox.org.
