Archive for the ‘AMTSO’ Category

Past the Second Half of 2009

Thursday, December 31st, 2009

Just before we pop corks at the arrival of 2010 and the passing of 2009, let’s take a quick look at the second half of 2009.

Across the U.S., the ThreatFire community saw huge numbers of FakeAv variants disappointingly being run on systems, the Vundo ad-popping trojan appearing all over desktops, and Koobface worming its way across social networks. In India, the Sality virus/downloader and varieties of bots attempted to infect systems; when the ThreatFire community’s statistics are extrapolated out to the 40 million likely computers in that country, we can estimate that millions of Indian systems were attacked by this virus. In China, we saw gaming password-stealing worms continue to spread out across the country, most likely distributed through USB sticks and other removable drives. Hot topics consistently led to blackhat SEO and phony codecs. Socially engineered bulk email schemes delivered attachments that dropped password-stealing Zbot and Bredolab downloaders; users were easily convinced that they had received invoices from delivery services or that social networks were updating their systems. The Conficker hype grew exponentially and is all too slowly whimpering away, while the Waledac threat mutated and began to dry up altogether.

Our PC Tools ThreatFire team finished the year with a bang. The award-winning PC Tools’ Internet Security Suite and its ThreatFire Behavioral Intelligence component topped all other suites as champion in the lengthiest, most comprehensive, real-world dynamic-testing malware-blocking competition to date. It’s exciting to see AMTSO dynamic testing best practices being adopted and used to drive testing and scenarios that better evaluate the malware attacks most computer users can really encounter on a daily basis. Nice testing effort and results indeed.

As 2010 arrives, we hope that existing and new ThreatFire/Behavior Guard users around the world look forward to fewer of these threats being realized on their own systems and another year of confidence in their information-driven world.

AMTSO Conference – Prague

Monday, October 12th, 2009

Yesterday’s AMTSO conference brought with it formal announcements of Board positions, new tools for the AMTSO to offer testers (be sure to join the group!) and potential new efforts. There were some Board updates due to terms expiring, and discussion about the group’s directions. The meeting and its agenda are posted at the site’s meeting link.

The group continues to pursue ways to improve testing methods, and finding and collecting malware has always been an issue for improvement. The group is attempting to ensure that testing samples are current and to provide testing matter that exercises products in ways adequate to support reviewer conclusions.

Various papers were discussed and only two of these were put up for a vote. The group passed the two important papers today, and they will be posted to the website soon: “Issues in Creating Samples for Testing” and “Network AV Testing”.

PC Tools at AMTSO in Budapest

Saturday, May 9th, 2009

The Anti-Malware Testing Standards Organization finished up its meeting in Budapest, Hungary this week. PC Tools was in attendance at this meeting as well, seeing three new papers passed and contributing to others in progress.

The AMTSO website has changed a bit, but the goals and our commitment to contributing to these standards and meeting challenges around anti-malware testing methodologies have not. Our second year of active participation should witness more outbound efforts by the organization. The three papers passed in this meeting will be posted on the documents section of the web site soon:
1. Testing Sample Validation
2. A Process for Evaluating Testing and Reviews
3. In the Cloud Testing Procedures.

Now that the body has voted and these standards are firmly in place, the testing groups, media, academics, advisors and vendors participating in the group will see it move forward with a more active role in applying and clarifying these standards.