Tag Archives: anti-virus

Why antivirus companies like mine failed to catch Flame and Stuxnet

Mikko Hypponen of F-Secure discusses mainstream failure to detect and identify Stuxnet and Flame:

A couple of days ago, I received an e-mail from Iran. It was sent by an analyst from the Iranian Computer Emergency Response Team, and it was informing me about a piece of malware their team had found infecting a variety of Iranian computers. This turned out to be Flame: the malware that has now been front-page news worldwide.

When we went digging through our archive for related samples of malware, we were surprised to find that we already had samples of Flame, dating back to 2010 and 2011, that we were unaware we possessed. They had come through automated reporting mechanisms, but had never been flagged by the system as something we should examine closely. Researchers at other antivirus firms have found evidence that they received samples of the malware even earlier than this, indicating that the malware was older than 2010.

Very interesting that they (and others) had samples of the malware several years old, yet hadn’t examined them. I imagine they receive thousands of submissions, so I wonder what pushes a sample from the “submitted” queue to the “let’s have a closer look at this” queue.

via Why antivirus companies like mine failed to catch Flame and Stuxnet | Ars Technica.

Verizon tips for Mac security and anti-virus

Some handy tips to keep your Mac safe on the Internet:

Our most critical recommendations for OS X security have not changed much since its release ten years ago:

  • Uncheck the “Open ‘safe’ files after download” box in Safari’s General Preferences.
  • Utilize your browser’s security features (anti-popup, anti-phishing, etc.).
  • Run Software Update on a weekly basis, and install security updates as they are made available.
  • In the Security System Preference, be sure the firewall is on.
  • Do not download, run, or share software from unknown sources.
  • Do not open or share unexpected attachments received via email or instant messenger.
  • Only connect to trusted wireless networks.
  • In an enterprise environment, an anti-spam solution should be in place.

via Verizon Business Security Blog » Blog Archive » It’s time to consider Mac AV.