tag
false positive

Obfuscated JavaScript: Oh What a Tangled Web

My colleague Daniel Novomeský alerted me to a problem he's observed with the way some web-developers use JavaScript: a few of them have the habit of obfuscating JavaScript code on their web sites, presumably in order to compress it so that it takes less disk-space ("packing") or using a "protector" in order to make it

Samsung and I Got Bit by a VIPRE

Yesterday I reported that Samsung laptops were infected with a keystroke logger. This certainly appeared to be the case as a Samsung supervisor reportedly confirmed (http://www.networkworld.com/newsletters/sec/2011/040411sec1.html) that Samsung shipped infected laptops. Samsung has since indicated that this is not the case. This incident has some very important lessons. My entire information supply was polluted and

FPs: everybody’s doing it, doing it…

At the last AMTSO workshop in Munich, a guidelines document on False Positive (FP) testing was approved, and is now available on the AMTSO documents page.

Cascading False Positives

 Security researchers work together and share information in many ways and in many contexts that aren't constrained by company boundaries, but it's unusual for security researchers working for different vendors to join forces in a company blog. However, John Leyden of The Register contacted us both when he was writing an article on the controversy following

Pre/Post Infection Detection

I just noticed a blog on "Security vendor’s “top-threat” list proof for their less-than-perfect performance?" at http://hype-free.blogspot.com/2010/01/security-vendors-top-threat-list-proof.html. The essential point seems to be that periodic virus detection statistics (like our monthly ThreatSense reports) are likely to be based in part on infections spotted on a protected machine when a signature/update is released that wasn't available

The Only Good Worm is a Gummy Worm

From time to time the discussion of whether or not there are (or can be) good worms comes up, usually specifically in the context of program maintenance, updates and upgrades. In fact, the idea of maintenance viruses goes back at least as far as Dr. Fred Cohen, who pretty much "wrote the book" on early

False Positive Fracas

False positives. Every anti-malware vendor’s worst nightmare. The European publisher Heise, apparently recently reinvented as The H, has pointed out that both GData and Bitdefender were inaccurately flagging winlogon.exe as Trojan.Generic.1423603. In case you were wondering, this doesn’t mean the whole anti-malware industry has gone mad: GData’s product uses two engines, one of which is 

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

5 articles related to:
Hot Topic
17 May 2011
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.