Story: JPEG exploit could beat antivirus, says expert
The basic problem is now all worm attacks since MS Blaster have been in one way or another testing various methodologies that can be used to create multiple DDoS/DoS attacks, stealth through network security devices, discover and attack key AV/security vendor appliances or software, conduct external queries, copy key spyware concepts of "blended attacks or drive-by downloads" so one can conduct extortion attempts, or ID theft---and it is being done by what I would now term "virtual attack machines". These are the thousands of infected but dormant PCs (bots) globally that can be literally turned on or off now at will and where one can purchase on some sites entire lists of "bots".
Even one of the latest worms carried the first ever "sniffer" filter. So in fact the concept of criminally organized and supported cyberwarfare is now upon us.
The leading AV/Security vendors do not have an answer to how to defend against a "virtual attack"---here is a great comment from a leading AV vendor that seems to be saying the same thing but would never publicly admit the concept of a "virtual attack machine" as they have no answer against it either.
“Bot (or zombie) networks create unique problems for organisations and individual PC users as systems can be automatically upgraded with new exploits very quickly, allowing attackers to outpace efforts to patch or download security updates.”
So what is the answer from the AV and Security vendors---is in fact the security paradigm of "defense in depth" actually outdated even though millions have been spent on it and in fact more millions spent on it this year?
Is it not time to recognize the failure and get creative and demand from the security vendors a truly "adaptive or mutating security layer" that follows the concept "from the core to the edge in real time and proactive"---core meaning network services being provided to an end user wherever they are located?
Actually all elements are in fact available to put an early warning system immediately to include a very creative mutating AI, but the leading security vendors simply do not want to use them as mostly come from innovative smaller companies.
From a networker of 15 years that cannot believe security has actually gone backwards not forwards in the last 12 months.