RSS Alerts

Related Links

Related Stories

  • Gumblar malware attack sweeps web
    A modified attack that alters Google searches is taking the web by storm according to security researchers, who have identified more malware domains being used in the attack.
  • Fake search engines used to divert users to malware infected websites
    Hackers are starting to create fake search engine sites to divert hapless internet users to malware infected websites, says PandaLabs, the research operation of Panda Security.
  • Mac Trojans Proliferate
    Malware writers must be celebrating the 25th anniversary of the Mac. Intego, which produces antivirus software for the OS X. platform, noticed two Trojan programs circulating in the past week on peer-to-peer sites, buried within pirated copies of high-value Mac programs.
  • Malware protection before infection
    A US Department of Homeland Security-funded research program will help deliver Endeavor Security’s new method of targeting botnet and malware attacks before hosts are infected.
  • Finding Your Way: An Overview of Industry Qualifications and Associations
    The proliferation of information security qualifications, standards and membership associations has reached a level whereby a degree of confusion is understandable. Peter Drabwell introduces some of the qualifications and associations out there

News

Anti-malware groups align themselves

22 May 2009

Anti-malware efforts took a significant step forward this week with the announcement of an initiative to try and bring legitimate software businesses together and lock out malware writers.

The Anti-Spyware Coalition, National Cyber Security Alliance, and StopBadware.org have clubbed together to form the Chain of Trust initiative, which will look together at security vendors, researchers, internet service providers, and government agencies. The three organizations hope that the initiative will help to establish a united front against the malware threat.

The initiative hopes to map the vulnerable points between different entities, because it is these gaps that provide the loopholes for malware writers to exploit. "Only by identifying all the vulnerable links in understanding how they connect to one another can malware fighters get a handle on the problem and begin to develop consensus of solutions," the trio in a statement.

Having mapped the network of different organizations and individuals that play a part in creating and distributing legitimate software and services, the group will identify critical ways in which they can work together. It expects to produce a paper with the results of this mapping project by the end of the year.

In related news, the anti-malware community also united in an attempt to compare independent anti-malware reviewers to its own reviewing standards. The Anti-Malware Testing Standards Organization announced this week that it will begin to analyze anti-malware reviews, in a bid to ensure that independent tests of anti-malware products conform to its own standards. It published guidelines on what constitutes a valid sample to be used in tests. It also produced an overview of the challenges involved in testing cloud-based security products, which are not installed locally.

"AMTSO wants to promote great testing that is meaningful, accurate, and, above all, useful to customers," said board member Stuart Taylor, of Sophos. "Sadly, many published texts range from misguided to misleading. Just the anti-malware companies hunt out and eliminate rogue anti-malware software, so AMTSO needs to hunt out and eliminate rogue tests and reviews."

Independent testing laboratories that compare malware products include ICSA Labs, and AV-Comparatives.org, both of whom are members of AMTSO, and who will likely have contributed to its testing guidelines.

 

This article is featured in:
Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water