- 10 Microsoft research projects
- 10 kitchen gadgets for the geek gourmet
- Verizon trounces competition
- Smartphone smackdown: Storm vs. iPhone
- FBI warns of holiday cyber scams
A new online malware database details the latest virus outbreaks from around the world, and shows which antivirus tools were able to block the threats and which ones failed.
The vendor Commtouch unveiled its Malware Outbreak Center this week to display a subset of recently discovered malware and the response from more than 30 antivirus tools.
Check out a keylogger Trojan discovered Nov. 3 and you’ll see it was not detected by 11 vendors, including McAfee and IBM’s Proventia. Ten vendors detected the virus immediately, including Microsoft, QuickHeal and Sophos. The rest detected the virus within a few hours, or within a couple of days.
“We see it as a wakeup call to IT managers and also to vendors of e-mail security solutions, that there are still so many viruses and malware out there that are not being stopped by most of the traditional solutions,” says Rebecca Herson, vice president of marketing for the Israel-based Commtouch.
Commtouch tested the system for several months before going live, so it contains data going back to March. Nineteen of the viruses listed were discovered Oct. 1 or later.
Commtouch hopes IT managers find the database useful in evaluating security tools.
“It takes some time to gather information about who’s blocking it and who isn’t. It’s not something people can use as a real-time alert,” Herson says. “But on the other hand I think it’s more valuable this way because it’s providing more information about who has caught it by now and who hasn’t.”
The tool has limitations. The database displays only those viruses caught by Commtouch’s technology, which it calls Zero-Hour Virus Outbreak Protection. While there’s some obvious self-interest here, Commtouch says the comparison of other vendors can be trusted because the results come from the independent AV-Test.org.
“We send a sample to AV-Test.org. … They run a lab where they have all the most updated AV engines running in parallel. They are the ones who send us all this information about who’s catching it and when,” Herson says.
The database shows only a sampling of viruses caught by Commtouch. Herson says they weed out some of the “background noise” like variants of Bagle malware, and publish the more interesting new viruses. During slow times such as the first half of this week, the majority of new malware activity is considered background noise, so Commtouch publishes only about 10% of new threats. However, during massive outbreaks with many different malware variants, Commtouch says it will publish about 90% of the total it finds.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment