A quick Google search turned up this post which links to a number of malware sample databases:

Contagio Malware Dump: Free, password required
MalwareBlacklist: Free, registration required

However, the problem with most of these is that the samples tend to be quite dated, anywhere from a few weeks to years old. Thus while they're still useful for analysis purposes, they might not be as useful for testing the real-world effectiveness of antivirus programs. Detecting old malware is rather simple compared to keeping up to date with new malware, and most new samples that are widely distributed don't last more than a couple days before they are flagged by nearly all antivirus programs.

If you want to perform a more realistic test with new, just-discovered samples, you'll probably need a live feed rather than a database. PCMag uses a feed supplied by a company called MRG-Effitas in their AV software testing, for instance.
Nearly 30,000 Macs worldwide have been infected with mysterious malware, according to researchers at security firm Red Canary.

The issue was somewhat confounding to Red Canary researchers, who said it’s not clear what the malware’s goal is. In a blog post, the firm said it did not observe the malware delivering “malicious payloads” - essentially, harmful actions against a device. The malware, which the company calls Silver Sparrow, does not “exhibit the behaviors that we’ve come to expect from the usual adware that so often targets macOS systems,” Tony Lambert, an intelligence analyst at Red Canary, wrote.

Silver Sparrow includes a self-destruct mechanism that appears to have not been used, researchers said, adding that it’s unclear what would trigger that function. They are also uncertain of how the malware got onto infected computers, though they believe it may have been through malicious search results.

The researchers found that Silver Sparrow contains code that runs natively on Apple’s in-house M1 chip that was released in November, making it only the second known malware to do so. However, this doesn’t necessarily raise red flags about the chip.

“New technology is going to be adopted by everybody - good guys, bad guys, everybody in between - it’s definitely something that’s going to happen,” Red Canary Intelligence Expert Tony Lambert said.

Though it’s unclear what the intent of the malware is, Red Canary said it decided to report the findings because its “forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat,” researchers wrote.

Researchers believe Silver Sparrow emerged and began infecting devices sometime last year. Silver Sparrow infected 29,139 Macs in 153 countries as of February 17, with higher concentrations reported in the United States, United Kingdom, Canada, France and Germany, according to data from Malwarebytes, a website that blocks ransomware attacks. While that number seems large, it’s a small fraction of the millions of Macs in use around the world, though it’s possible there are infected devices not identified by researchers.

Apple revoked the developer certificates used by the malware, a company spokesperson said, which will prevent any future infections. Revoking the developer certificates also creates barriers for any existing malware infections to be able to take additional actions.

Red Canary detailed some “indicators of compromise” in its blog post. For the average consumer, Lambert said he recommends simply using a reputable anti-virus or anti-malware program as a backstop to the existing protections that Apple builds into the MacOS operating system, which are known for being strong.