Custom Malware Sneaks Past Advanced Threat Detection Appliances In Lab Experiment

  • 26 November 2014

By Kelly Jackson Higgins
 
An independent test of advanced threat detection products demonstrates how they could be bypassed by attackers.
Some of the top advanced threat detection products failed to catch custom-written malware samples posing as targeted attacks in an independent lab study.
Researchers from the Laboratory of Cryptography and System Security (CrySyS) Lab and MRG Effitas teamed up to test five "well-established" advanced threat detection appliances to see just how effective these technologies are in spotting unknown threats. The goal of the tests was not to determine the detection rates of the products, but rather to see whether the researchers could bypass them. The researchers did not reveal the names of the products.
One of the four custom samples written by the researchers snuck past all five of the products, while another bypassed three of them. The two most basic samples were detected by all five of the products, but in some cases they registered only a low-severity alarm.
 