Mar 16 2010

Network Security Podcast, Episode 189

Published at 7:33 pm under Hacking, Malware, Podcast, Risk, Security Advisories

We’ve been hearing about the Aurora attacks on Google and a host of other companies since early January.  So why is it that NSS Labs is finding that the majority of the End Point Protection (aka AV) companies aren’t protecting against the vulnerability yet?  And why is AVG upset with NSS Labs and their testing methods? To answer these questions and many more, Rich and Martin were joined tonight by Vikram Phatak, the CTO of NSS Labs.  Vik gave us some of the back story on why they were testing AV products and some of the surprising discoveries they made.  It’s not easy being an independent testing company and sometimes you’re going to annoy people despite your best efforts.  And sometimes people are going to be annoyed with you no matter what.

One point Vik wanted to make that didn’t make it into the podcast is that the 0day that was used in the Aurora attack is not just being used against corporate targets.  It’s being used against consumers as well, so it’s important that the average home user be aware that their AV product may not be protecting them at this point.  What is part of the podcast is a discussion of how many AV vendors are trying to protect against the payload that malware is attempting to deliver, not the exploit itself.  Both are important points people need to be aware of.

Network Security Podcast, Episode 189, March 16, 2010
Time:  39:56

Show Notes:



2 Responses to “Network Security Podcast, Episode 189”

  1. Andy Whitten on 25 Mar 2010 at 9:10 am

    There are two primary approaches to Intrusion Detection and they both work. But, they work against different threats, for different reasons. One is the ‘classical’ IDS approach: know what an attack looks like, and look for the attack.

  2. Adams23 on 20 Apr 2010 at 7:55 am

    This information is what consumers should definitely be aware of. NSS Labs is only pointing out what is not readily known. AV vendors are not taking into account that the malware displayed is only a by-product of the exploits.
