An add-on for antivirus software that can scan across a computer network and trap malicious activity missed by the system firewall is being developed by an international team. Details are reported in the International Journal of Electronic Security and Digital Forensics. The research raises the issue that the developers of both operating systems and antivirus software must work more closely together to reduce the burden of malware on computer systems the world over.
The battle between malware authors and security researchers has changed dramatically in the last few years. Malware was often written as a prank, to expose vulnerabilities, or out of spite. Today, malware is more about stealing sensitive data and exploiting information for fraud, identity theft and other criminal intent. In addition, much malware is aimed at breaking systems through denial-of-service (DoS) attacks in the name of espionage, whether industrial or political, or for “hacktivism”, whereby activists prevent legitimate users from accessing a site they see as an enemy of their cause.
Computer security systems that attempt to thwart the spread of malicious software (malware) often fall down at one of two points of failure. The first is the failure of the network to spot malicious data packets entering the system. The second is that once the network is breached, the antivirus software, which is the last line of network defense, fails to identify the software intruder as malicious. Now, researchers in Jordan and the USA have devised an antivirus add-on that allows the AV software to scan the network data as well as applications and so trap malicious activity that the firewall and other defenses that work at the network level have missed.
The system, devised by computer scientists Mohammed Al-Saleh of Jordan University of Science and Technology in Irbid and Bilal Shebaro of St. Edward’s University, Austin, Texas, side-steps the problem of additional computing overheads placed on a network attempting to detect the spread of malware that may well be encrypted. It also avoids the issue of antivirus software becoming out-of-date the instant new malware is written and uploaded, and the inevitable vulnerability that occurs during the AV scanning process.
Read more: Low-cost malware detection