Antivirus tools 'pave way' for malware


	September 24, 2008 New version of PC Activity Monitor Pro (PC Acme Pro) added! more


	October 13, 2008 Exceed biometric standards, expert urges more Deloitte laptop loss spreads to rail workers and police more Malware writers spoof Patch Tuesday more Security disclosures tip the stock market more Mafiaboy Grows Up; a Hacker Seeks Redemption more Vendors, Cops, Profs Team to Study Cybercrime more Six Essential Apple iPhone Security Tips more Apple asks judge to make iPhone lawsuit moot more Report: World Bank servers breached repeatedly more Exploit code loose for six-month-old Windows bug more Google allies with click-fraud detection firm Click Forensics more Over half of U.K. firms have lost data more U.S. proposes digital signing of DNS root zone file more

E-mail:

E-mail:

DISCLAIMER: Logging other people's keystrokes or breaking into other people's computer without their permission can be considered illegal by the courts of many countries. The monitoring software reviewed here is ONLY for authorized system administrators and/or owners of computers. We assume no liability and are not responsible for any misuse or damage caused by the keylogging software. The end user of this software is obliged to obey all applicable local, state, federal and other laws in his country of residence.

July 01, 2008

Antivirus tools 'pave way' for malware

German IT consultancy N.runs has warned that antivirus products can actually open the door to attackers, enabling them to penetrate company networks and load destructive code.

Security specialists from the company claim to have discovered approximately 800 vulnerabilities in antivirus products during the past few months.

N.runs said that every virus scanner currently on the market has several highly critical flaws which could pave the way for denial-of-service attacks and enable the infiltration of destructive code past the security solution into the network.

The company said that 'parsing' is one of the main causes of this problem. In this case virus scanners must recognise as many malware applications as possible, and so must comprehend and process a large number of file formats.

In order to be able to interpret the formats, an application must partition the corresponding file into blocks and structures.

But N.runs said that mistaken assumptions in the course of programming the parsing code create constellations which enable the infiltration and subsequent running of programme code.

"In short, the more parsing that takes place, the higher the recognition rate and the degree of protection from destructive software, but at the same time the larger the attack surface which makes the antivirus product itself a target," said N.runs.

"Systematic industrial espionage, along with the interruption of all email communication, are two of the possible consequences."

The company has developed its Application Protection System AntiVirus in order to complete companies' IT security infrastructure by using multiple engines to overlap security.

Source: Vnunet.Com

	All news for October 13, 2008:
	12:44	Exceed biometric standards, expert urges
	12:42	Deloitte laptop loss spreads to rail workers and police
	12:40	Malware writers spoof Patch Tuesday
	12:39	Security disclosures tip the stock market
	12:38	Mafiaboy Grows Up; a Hacker Seeks Redemption
	12:37	Vendors, Cops, Profs Team to Study Cybercrime
	12:36	Six Essential Apple iPhone Security Tips
	12:34	Apple asks judge to make iPhone lawsuit moot
	12:34	Report: World Bank servers breached repeatedly
	12:33	Exploit code loose for six-month-old Windows bug
	12:32	Google allies with click-fraud detection firm Click Forensics
	12:30	Over half of U.K. firms have lost data
	12:30	U.S. proposes digital signing of DNS root zone file
	* No news for October 11, 2008 - October 12, 2008
	All news for October 10, 2008:
	13:57	Parity provides free online identity management
	13:56	High-tech bank robbers phone it in
	13:56	Spread security risks with diversity
	13:54	Corporate data loss not down to hackers
	13:53	First quantum encrypted network goes live
	13:51	Apple Posts Security Update 2008-007
	13:50	NT hacker blames 'segregation'
	13:49	ASIC counter-spy to be a tough search
	13:48	Scotland tightens security for mobile health-data
	13:47	Home Office publishes data-sharing guidance
	13:47	EDS loses unencrypted armed-forces data
	13:45	Data-center security tools to not overlook
	13:44	Microsoft promises huge patch day next week
	13:43	Firefox add-on blocks 'clickjacking' attacks

All news for October, 2008
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year

DONATION: Keylogger.org is an independent research project supported by a team of enthusiasts. If you find this project useful or would like to help foster its continued development please consider making a donation using PayPal`s online secure payment service.

A PayPal account is not required. All major credit cards are accepted (MasterCard/Eurocard, Visa/Delta/Electron, American Express, Switch/Maestro, Solo). Simply click the button below.

Any amount would be useful and appreciated!

Thanks in advance for your support!