News has broken that hackers are using passages from literary classics, in particular Jane Austen, to fool antivirus software. Amichai Shulman, CTO of Imperva and David Harley, Senior Research Fellow at IT Security Firm ESET commented on the Jane Austen Spreads Malware.

Amichai Shulman, CTO of Imperva :

“This is emphasizing what we have been saying again and again for the past few years: it is virtually impossible to tell “malicious code” from “code” and thus any security solution that relies on attempting to make this observation is doomed to fail. While anti-malware solution are improving, they are bound to stay behind attack methods (and not necessarily the most advanced ones). The focus and effort should be shifted into detecting the attack, and the attack is almost always targeted at enterprise data. You don’t get 145M user account details, 70M credit card numbers or 300K medical records from an endpoint. You get these by ABUSIVE access to enterprise databases and files servers – that is where the focus of advanced security solutions should be.”

David Harley, Senior Research Fellow at IT Security Firm ESET :

“This is not a new phenomenon. Spammers have used extracted text from all sorts of sources rather than purely random text for many years. Though, I have noticed a recent uptick in comment spam that uses bulk text that is sometimes a ‘pure’ extract and sometimes coherent but unconnected sentences.

In general, I wouldn’t expect the coherence or otherwise of text to be the primary factor in a security product’s assessment of a page as malicious, though it might be used as one heuristic among many.”[su_box title=”About Imperva” style=”noise” box_color=”#336588″]ImpervaImperva (NYSE: IMPV), is a leading provider of cyber security solutions that protect business-critical data and applications. The company’s SecureSphere, Incapsula and Skyfence product lines enable organizations to discover assets and risks, protect information wherever it lives – in the cloud and on-premises – and comply with regulations. The Imperva Application Defense Center, a research team comprised of some of the world’s leading experts in data and application security, continually enhances Imperva products with up-to-the minute threat intelligence, and publishes reports that provide insight and guidance on the latest threats and how to mitigate them. Imperva is headquartered in Redwood Shores, California.[/su_box][su_box title=”About ESET” style=”noise” box_color=”#336588″]ESETESET is a pioneer of proactive protection against cyber threats with its award-winning NOD32 technology. Daily, it protects over 100 million computers, laptops, smartphones, tablets and servers, no matter the operating system. ESET solutions for home and business segment deliver a continual and consistent level of protection against a vast array of existing and emerging threats.[/su_box]

ISBuzz Staff
Expert Comments : 1
Security Articles : 12413

ISBuzz staff provides a brief synopsis and summary of the breaking information security news and topics to allow information security experts to provide their expert commentary on the breaking news or the topics.
Subscribe
Notify of
guest

0 Expert Comments
Inline Feedbacks
View all comments
Information Security Buzz
0
Would love your thoughts, please comment.x
()
x