Title | Date Added | Company
whitepaper A Dose by Any Other Name | 2008-10-01 | Eset
  Years ago, when alt.comp.virus was still useful, 'Name that virus' was a popular virtual party game, and virus names were, if not standardized, at least easy to cross-reference with tools like VGrep. It is important to try to keep customer expectations realistic. The glut problem can't be fixed by throwing more and more resources at analysis throughput focused on near-exact identification. Modern malware is not always susceptible to automated removal: some families are notorious for digging themselves into a system without any regard for the effect of a botched removal. Precise information about a short-lived variant is a lower priority than detection and blocking of malware families, and precise identification is a poor performance metric without a firm correlation between names and samples.

Tags: Intrusion - Tampering
  
whitepaper VIPRE Takes a Bite Out of Bloatware | 2008-10-01 | Sunbelt Software
  Hackers and rogue code writers will continue to ply their trade and create new, ever more efficient and pernicious viruses and blended malware threats. This will, in turn, cause many of the antivirus vendors to continue to expand their code base. Unless or until the leading antivirus/antispyware vendors re-architect their products from scratch, as Sunbelt has done with VIPRE Enterprise, bloatware will continue to abound. Preventive antivirus and antispyware packages are "Must Haves" in today's networking environments. No company from the smallest business with 10 users up to the largest enterprise with 100,000+ employees is immune from the security threats posed by rogue code, which include viruses, trojans, bots, zombies, spyware, spam, and blended malware.

Tags: Security Administration, Intrusion - Tampering
  
whitepaper Web Threats: Focus on Malicious URLs | 2008-10-01 | Trend Micro
  At the heart of many Web threats today is the seemingly innocuous URL in an email. Called a "Malicious URL" by cyber security experts, this link can lead to a range of unwanted eventualities. Enticed to click on these malicious links by persuasive social engineering, users are unknowingly succumbing to information theft, participation in a larger botnet, and other nefarious activities. As cybercriminals continue their relentless pursuit of profit, these attacks are unlikely to subside, and in fact may increase during times of economic turmoil around the world. However, businesses and consumers can implement safe practices to prevent them from becoming victims. This white paper describes various types of malicious URL techniques, used in combination with other approaches, and summarizes some of these best practices and technology-based solutions.

Tags: Security Administration, Intrusion - Tampering
  
whitepaper The Vertical Risk: Web-Delivered Malware Impact by Industry | 2008-10-01 | ScanSafe
  The type and frequency of Web-delivered malware changed dramatically in 2008. Chief among the causative factors was the marriage of profit-motivated attackers to automated tools that streamline both the discovery and the compromise of vulnerable websites. While SQL injection attacks have by far been the most prevalent attacks on websites throughout 2008, all forms of website compromise have been on the increase. These compromises are not occurring by the hundreds or even the thousands, but rather can be counted in the millions. This ScanSafe STAT Vertical Risk Assessment presents the results of that analysis, detailing the vertical rates of exposure to Web-delivered malware as well as providing an analysis of the types and severity of the malware encountered.

Tags: Intrusion - Tampering, IT Budgeting
  
whitepaper SMM Rootkits: A New Breed of OS Independent Malware | 2008-09-25 | Association for Computing Machinery
  The emergence of hardware virtualization technology has led to the development of OS independent malware such as the Virtual Machine Based Rootkits (VMBRs). This paper draws attention to a different but related threat that exists on many commodity systems in operation today: The System Management Mode Based Rootkit (SMBR). System Management Mode (SMM) is a relatively obscure mode on Intel processors used for low-level hardware control. It has its own private memory space and execution environment which is generally invisible to code running outside (e.g., the Operating System). Furthermore, SMM code is completely non-preemptible, lacks any concept of privilege level, and is immune to memory protection mechanisms. These features make it a potentially attractive home for stealthy rootkits.   
whitepaper The Ecology of Malware | 2008-09-25 | Association for Computing Machinery
  The fight against malicious software (or malware, which includes everything from worms to viruses to botnets) is often viewed as an "Arms Race." Conventional wisdom is that one must continually "Raise the Bar" for the malware creators. However, the multitude of malware has itself evolved into a complex environment, and properties not unlike those of ecological systems have begun to emerge. In this position paper, it is argued that taking an ecological approach to malware defense will suggest new defenses. In particular, such an approach can exploit the fact that interactions of malware with its environment, and with other malware, are neither fully predictable nor fully controllable by the malware author - yet the emergent behavior will follow general ecological principles that can be exploited for malware defense.

Tags: Security Administration, Intrusion - Tampering
  
whitepaper An Information-Theoretical View of Network-Aware Malware Attacks | 2008-09-08 | Florida International University
  This paper investigates three aspects: a network vulnerability, namely the non-uniform vulnerable-host distribution; threats, i.e., intelligent malware that exploits such a vulnerability; and defense, i.e., challenges for fighting the threats. The authors first study five large data sets and observe consistent clustered vulnerable-host distributions. They then present a new metric, referred to as the non-uniformity factor, which quantifies the unevenness of a vulnerable-host distribution. This metric is essentially the Renyi information entropy and better characterizes the non-uniformity of a distribution than the Shannon entropy. Next, they analyze the propagation speed of network-aware malware in view of information theory. In particular, they draw a relationship between Renyi entropies and randomized epidemic malware-scanning algorithms.

Tags: Intrusion - Tampering
  
whitepaper Bloxx Internet Filtering Proves Best Fit for Easton-Bell Sports | 2008-09-04 | Bloxx
  Easton-Bell Sports was growing increasingly concerned about its bandwidth consumption, as well as the time IT staff members were spending removing malware from employees' computers. In addition, upper management was eager to assess employee Internet use and its effect on productivity. The rising importance of these issues caused the company to seek out a cost-effective Internet filtering solution. After extensively evaluating a number of different web filtering solutions, Easton-Bell selected Bloxx's web filtering appliance as the most satisfying solution for EBS. It is a dynamic content filtering solution that uses industry-leading Tru-View Technology to analyze, categorize and filter websites in real time.

Tags: Intrusion - Tampering
  
whitepaper Productivity, Internet Abuse, and How to Improve One by Eliminating the Other | 2008-09-04 | Bloxx
  This white paper does not focus on Internet highlights, but on some of the considerable downsides--and how to eliminate them. Specifically, it explains the effect of Internet abuse on employee productivity, which is huge and not fully appreciated. It then examines the best strategies and technologies to combat abuse so that organizations can enhance the Internet as a tool and remove its potential as a productivity curse.

Tags: Security Administration, Internet and Web, Intrusion - Tampering
  
whitepaper All-in-One Internet Filtering Solution Solves Costly Problems for Easton-Bell Sports | 2008-09-04 | Bloxx
  After extensively evaluating a number of different Web filtering solutions, Network Operations Manager Matt Baskett and his team at Easton-Bell Sports (EBS) selected Bloxx's Web filtering appliance as the most satisfying solution for EBS. It is a dynamic content filtering solution that uses industry-leading Tru-View Technology to analyze, categorize and filter Websites in real time. The all-in-one Bloxx appliance includes Web filtering, reporting tools, caching, IM and P2P control, malware blocking, and anonymous proxy filtering capabilities.

Tags: Security Administration, Internet and Web, Intrusion - Tampering