Signature-based scanners missing malware attacks?

2009-08-13

ScanSafe's Global Threat Report has revealed the majority (88 per cent) of ScanSafe malware blocks were zero day threats at its highest peak in the second quarter of 2009.

This means that most of the attacks were not detected by signature based scanners, which could concern those firms looking to prevent an IT intrusion.

Second stage Gumblar attacks were the biggest contributor to the high rate of signature misses.

"The fact that the most serious threat of the year was not detectable by most standard antivirus signatures should serve as yet another wake up call to the security community," said Mary Landesman, senior security researcher at ScanSafe.

ScanSafe also revealed that the overall rate of zero day web malware in the second quarter of this year stood at 32 per cent.

An earlier ScanSafe Global Threat Report showed that at its highest peak in the first quarter of 2009, 58 per cent of web malware blocks were zero day threats.

Read more security news.