Polymorphic malware booming

Tries to outfox anti-virus emulators.

Instances of polymorphic malware have significantly increased this month, according to Symantec.

The vendor said that in July 23.7 per cent of all malicious email-borne malware was characterised as aggressive strains of generic polymorphic malware.

In September this rocketed to 72 per cent as cyber criminals adopted a variety of more sophisticated techniques, such as sending emails purporting to be from a smart printer/scanner and forwarded by a colleague.

“The most recent attacks in the report are email-based, in the form of attachments disguised with some interesting social engineering,” said Paul Wood, senior intelligence analyst at Symantec.cloud.

“The anti-virus industry's response to (server side) polymorphic malware has been the use of behavioural analysis in a virtual sandbox. This allows the code to be run in a tightly controlled environment where the anti-virus software can perform some analysis of its functionality.

“However, the new malware includes ways that attempt to defeat these emulators, including changing the start-up code in every version, subtly changing the structure to make it harder for emulators to identify it as malicious.”

Wood said anti-virus technology cannot rely solely on heuristics and signatures to defend against attacks, and must take into account the integrity of the executable based on knowledge of its reputation and distribution in the wild.

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, UK edition