Zero-day infections are common
Antivirus software running on your computer has one big weak point – if a new virus is released before the antivirus provider knows about it or before the next scheduled antivirus software update, your system can be infected. Such zero-day infections are common.
However, a key recent development in antivirus software is the incorporation of built-in defences against viruses and other computer malware of which the software has no prior knowledge. These defences usually respond to unusual activity that resembles the way viruses behave once they have infected a system. This so-called heuristic approach, combined with regularly updated antivirus software, will usually protect you against known viruses and even zero-day viruses. However, in reality, there are inevitably some attacks that continue to slip through the safety net.
Writing in a forthcoming issue of the International Journal of Electronic Security and Digital Forensics, researchers at the Australian National University, in Acton, ACT, and the Northern Melbourne Institute of TAFE, jointly with Victorian Institute of Technology, in Melbourne, Victoria, have devised an approach to virus detection that acts as a third layer on top of scanning for known viruses and heuristic scanning.
The new approach employs a data mining algorithm to identify malicious code on a system. It detects anomalous behaviour patterns, predominantly from the rate at which various operating system functions are being “called”. The researchers' initial tests show an almost 100% detection rate and a false positive rate of just 2.5% for spotting embedded malicious code that is in “stealth mode” prior to being activated for particular malicious purposes.
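To make the idea of rate-based anomaly detection concrete, here is an added sketch that is not the researchers' algorithm (the article does not describe it): it learns per-function call rates from clean windows and scores new windows by how far their rates deviate. The function names, window length, deviation floor, threshold and sample traces are all assumptions constructed for illustration.

```python
import math
from collections import Counter

WINDOW_SECONDS = 10.0
# Hypothetical function names; a real monitor would track the OS's own API set.
FUNCTIONS = ["open", "read", "write", "connect"]

def window(open_, read, write, connect):
    """Build a constructed trace: the calls one process made in one window."""
    return ["open"] * open_ + ["read"] * read + ["write"] * write + ["connect"] * connect

def call_rates(trace):
    """Calls per second for each tracked function in one window."""
    counts = Counter(trace)
    return [counts[f] / WINDOW_SECONDS for f in FUNCTIONS]

def fit_baseline(traces):
    """Per-function mean and standard deviation of call rate over clean windows."""
    columns = list(zip(*(call_rates(t) for t in traces)))
    means = [sum(col) / len(col) for col in columns]
    stds = []
    for col, m in zip(columns, means):
        var = sum((x - m) ** 2 for x in col) / len(col)
        # Floor the deviation so a near-constant function cannot divide by ~0.
        stds.append(max(math.sqrt(var), 0.05))
    return means, stds

def anomaly_score(trace, baseline):
    """Root-mean-square z-score of the window's call rates against the baseline."""
    means, stds = baseline
    z2 = [((r - m) / s) ** 2 for r, m, s in zip(call_rates(trace), means, stds)]
    return math.sqrt(sum(z2) / len(z2))

def is_anomalous(trace, baseline, threshold=3.0):
    return anomaly_score(trace, baseline) > threshold

# Constructed sample data: four clean windows, then two windows to classify.
CLEAN = [window(5, 40, 10, 1), window(6, 38, 12, 0),
         window(4, 42, 9, 1), window(5, 41, 11, 1)]
BASELINE = fit_baseline(CLEAN)
TYPICAL = window(5, 39, 10, 1)    # rates close to the baseline
BURST = window(5, 40, 10, 30)     # "connect" rate far above the baseline

if __name__ == "__main__":
    for name, trace in (("typical", TYPICAL), ("burst", BURST)):
        print(name, round(anomaly_score(trace, BASELINE), 2), is_anomalous(trace, BASELINE))
```

The threshold sets the trade-off the article quotes as detection rate versus false positive rate: lowering it catches smaller deviations but flags more clean windows.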