iTWire - Norton 2010 to tackle polymorphism

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Norton 2010 to tackle polymorphism

Norton 2010 to tackle polymorphism

E-mail

by Stephen Withers
Monday, 03 August 2009
Page 1 of 2 The 2010 versions of Symantec's Norton consumer security products have been designed to tackle a technique that's been used to get malware onto large numbers of computers. Featured Whitepaper 5 Best Practices for Smartphone Support A piece of malware known as Clampi or Clomp (among other names) is doing the rounds at present. As many as one million Windows-based PCs are thought to be infected. This should be particularly worrying for users as it grabs credentials for online banks and other money-related sites such as casinos. One of the sneaky things about Clampi is that it ensures that identical files aren't delivered to all computers. According to PC Tools' ThreatFire Research team, three-quarters of all Clampi executables are unique. Such polymorphism makes it difficult to perform signature-based detection of Clampi. It can sometimes be spotted indirectly by recognising the packer used in any particular example, and behavioural detection can also be successful. For example, Sophos detects the way Clampi injects code into Internet Explorer, and recognises the PsExec utility (installed by Clampi, but which also has legitimate uses) as a potentially unwanted application. But a feature that's new to the forthcoming Norton 2010 products should be able to stop such polymorphic attacks before the code is installed. Symantec is introducing reputation to the fight against malware. The basic idea is that if you are one of the first few people among the company's millions of users to run a particular application, then unless you are a software developer there's a good chance that it is polymorphic malware. So when Norton 2010 sees a very rarely detected application trying to run, it will suggest that at the very least you delay the operation until more information is available. << First page < 1 2 Next page > Last page - Post your comment >>

< Next story in category		Previous story in the category >

Sponsored Releases

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

User Experience Architect (C4)
Consulting Services Branch Manager
Process Analyst X 4 (M4)
Content Co-Ordinator (M3)
Senior .Net Developer (M3)
Business Analyst (M17)
Test Lead
Senior Business Analyst
Business Analyst - Financial Markets, Ops focus
Technical Business Analyst - BI & DW - Contract

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking