Martijn Grooten wrote:
> On Wed, May 30, 2012 at 6:11 AM, Simon Waters wrote:
>>
>> Mostly it tells you that current anti-malware practice isn't terribly
>> good, in that it went undetected for so long.
>
> That's a good point and one I've seen people from within the
> anti-malware industry make, but it's not an entirely fair criticism:
> it only shows that if you've got enough resources you can defeat/evade
> security software.

I wasn't necessarily thinking of just the anti-malware software, but processes and the like. Several of the vulnerabilities mentioned should already be patched, or rely on doubtful practices.

I guess it is possible the major infections were done via other zero day exploits, or possibly given the age of infection they were zero day exploits when they were used.

But ultimately the malware has to get in, the data has to get back, and certainly that latter one can be a weakness if sites have good perimeter security, or even just intrusion detection (so they send the secret documents out, but at least they spot the unusual traffic and figure out they were owned).

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq