Zero-day infections are common
Antivirus software running on your computer has one big weak point – if a new virus is released before the antivirus provider knows about it or before the next scheduled antivirus software update, your system can be infected. Such zero-day infections are common.
However, a key recent development in antivirus software is the incorporation of built-in defences against viruses and other computer malware of which it has no prior knowledge. These defences usually respond to unusual activity that resembles the way viruses behave once they have infected a system. This so-called heuristic approach, combined with regularly updated antivirus software, will usually protect you against known viruses and even zero-day viruses. In reality, however, some attacks inevitably continue to slip through the safety net.
Writing in a forthcoming issue of the International Journal of Electronic Security and Digital Forensics, researchers at the Australian National University, in Acton, ACT, and the Northern Melbourne Institute of TAFE jointly with Victorian Institute of Technology, in Melbourne, Victoria, have devised an approach to virus detection that acts as a third layer on top of scanning for known viruses and heuristic scanning.
The new approach employs a data mining algorithm to identify malicious code on a system. It detects anomalous behaviour patterns predominantly from the rate at which various operating system functions are being “called”. Their initial tests show an almost 100% detection rate and a false positive rate of just 2.5% for spotting embedded malicious code that is in “stealth mode” prior to being activated for particular malicious purposes.
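To make the idea of call-rate anomaly detection concrete, the following is an added example, not the researchers' algorithm or code: it uses a plain per-function z-score against a benign baseline as a stand-in for their data mining step. The function labels, window length, thresholds and sample traces are all assumptions constructed for illustration.

```python
# Added illustration: flag an observation window whose OS-function call rates
# deviate from a benign baseline. A z-score stand-in, not the paper's method.
from collections import Counter
from statistics import mean, pstdev

WINDOW_S = 10  # assumed observation window length, in seconds

def call_rates(trace):
    """Calls per second for each function name seen in one window."""
    return {fn: n / WINDOW_S for fn, n in Counter(trace).items()}

def build_baseline(benign_windows):
    """Per-function (mean, std) of call rate across benign windows."""
    rates = [call_rates(w) for w in benign_windows]
    baseline = {}
    for fn in set().union(*rates):
        xs = [r.get(fn, 0.0) for r in rates]
        baseline[fn] = (mean(xs), pstdev(xs))
    return baseline

def anomaly_score(trace, baseline, std_floor=0.5):
    """Return (largest |z-score|, function responsible for it)."""
    rates = call_rates(trace)
    score, worst = 0.0, None
    for fn in set(rates) | set(baseline):
        mu, sd = baseline.get(fn, (0.0, 0.0))  # never-seen function: rate 0
        # std_floor stops a near-constant baseline from inflating tiny jitter
        z = abs(rates.get(fn, 0.0) - mu) / max(sd, std_floor)
        if z > score:
            score, worst = z, fn
    return score, worst

def is_anomalous(trace, baseline, threshold=3.0):
    return anomaly_score(trace, baseline)[0] > threshold

# Constructed sample traces (hypothetical function labels, not real captures).
def _trace(**counts):
    return [fn for fn, n in counts.items() for _ in range(n)]

BENIGN = [_trace(read_file=20, write_file=10, open_file=5),
          _trace(read_file=22, write_file=9, open_file=6),
          _trace(read_file=18, write_file=11, open_file=4)]
QUIET = _trace(read_file=21, write_file=10, open_file=5)
BURST = _trace(read_file=20, write_file=10, open_file=5, set_registry_value=40)

if __name__ == "__main__":
    base = build_baseline(BENIGN)
    for name, t in (("quiet", QUIET), ("burst", BURST)):
        print(name, anomaly_score(t, base), is_anomalous(t, base))
```

The threshold trades detection rate against false positives, which is the same trade-off the reported figures describe.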