Secure Computing Warns of New Security Threat: First Virus to Attack Both Email and Web Protocols
Secure Computing's TrustedSource researchers have noted that a growing number of worms are using a technique called server-side polymorphism to evade traditional signature-based anti-virus detection. Changes or updates to the malware are made transparently--manually or automatically. New versions can be repackaged and tested against the leading AV software to ensure newer versions will go undetected.
The Storm worm successfully utilizes this technique, releasing a new binary every 15 minutes to 1 hour. Our testing has confirmed that new versions of this threat have, in fact, failed detection by AV software engines as expected.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment