Security software often misses new malware

Monday - 6/21/2010, 8:30am EDT

Cybersecurity Update - Tune in weekdays at 30 minutes past the hour for the latest cybersecurity news on The Federal Drive with Tom Temin and Amy Morris (6-10 a.m.) and The DorobekInsider with Chris Dorobek (3-7 p.m.). Listen live at FederalNewsRadio.com or on the radio at 1500 and 820 AM in the Washington, D.C. metro area.

  • How sure are you that your security software is doing the job? New research suggests that major vendors are finding it difficult to keep up with all that malware on the Internet. The study from NSS Labs found that, on average, it takes software from major vendors two days to block malicious Web sites. Researchers ran tests designed to mimic the way average people browse the Web and then studied how long it took security software to recognize and block threats. The findings were first reported by the IDG News Service.

  • If you receive a government email about terrorism, think twice before opening it. Researchers at Sophos Labs say that hackers behind the Zeus botnet are sending out emails that look like they're from the Department of Homeland Security, Pentagon and Transportation Security Administration. But they're not. SC Magazine says the emails contain links, supposedly to the official reports. But instead, the files behind those links install the malicious Zeus or Zbot trojan.

  • Fidelis Security systems is working with Cyveillance to help prevent cyber threats. Fidelis has announced that it is integrating its network security product, called "Fidelis XPS," directly with Anti-Malware and Anti-Phishing threat intelligence feeds from Cyveillance. Fidelis believes the combination will provide customers with automatic, real-time visibility and control of attempts to steal information and compromise computer networks. The idea is to prevent cyber attacks with increased situational awareness and automatic intelligence sharing. Fidelis is making the product available to customers for three months for free. Then there's an annual subscription fee.

Check out all of Federal News Radio's coverage of cybersecurity issues here.