This blog post explores the identification of APT (Advanced Persistent Threat) Groups and their attribution in cyber-attacks. Furthermore, it delves into the intriguing scarcity of groups originating from Western countries.
Security News
On this page you will find links to selected IT-security related news articles from various sources, including news from conferences and some test results. Posts in this category might be written by externals and students. If you find some interesting news, please let us know!
The Significance of NIS-2 Compliance and AV-Comparatives’ Role
Data transmission in consumer security products
We have conducted a study on data transmission in consumer security products, addressing the concerns of Internet users regarding the access and usage of their personal information. While computer security software has a legitimate need to send certain system information to its manufacturers, such as details of malware for effective user protection, it is crucial that programs do not indiscriminately transmit personal data without the explicit knowledge and consent of the system’s owner. This report provides valuable insights into the data-sending practices of popular consumer security programs.
We are delighted to announce that further information, in addition to this report, will be published in a report by PC Magazin, PCgo and Connect-Living.de. The article (in German) can now be found here.
https://www.av-comparatives.org/wp-content/uploads/2023/07/avc_data_sending_2023.pdf
NGFW Egress C2 Test: Assessing the Effectiveness of Outgoing Network Traffic Prevention and Detection Capabilities
In June 2023, AV-Comparatives conducted an NGFW Egress C2 Test to evaluate the effectiveness of NGFW products in detecting and preventing malicious traffic. In targeted attacks, one of the goals of APT groups is to establish control over a compromised system by opening a command-and-control channel (C2) to the command-and-control server operated by the attacker. If the attacker has already gained access to the system via a trusted relationship, or has delivered malware using phishing or USB drives, they can use C2 malware to open the C2 channel.
The balance between performance (low speed-impact) and real-time detection – Enterprise products
In our most recent report, we continue our investigation into the potential impact of performance-enhancing measures implemented by anti-virus vendors on the malware detection capabilities of their products. Building upon last year’s findings, we now shift our attention to enterprise products in this blog post. Applying the same methodology, we keep the same objective: to assess whether enterprise security products detect malware consistently in specific scenarios. We maintain uniformity by using the identical settings employed in our enterprise main-test series.
Decreasing false alarms in enterprise security products
For many years, AV-Comparatives’ protection tests have included a false-positives test, to ensure that security products do not provide protection at the expense of plaguing the user with false alarms. From time to time, enterprise users send us false-positives samples that they have encountered themselves. This is very helpful to us in our research, and so we are now making it easier to submit FPs to us.
Stay tuned with AV-Comparatives – RSA and BSides San Francisco
As we move towards an increasingly digital world, the importance of cybersecurity cannot be overstated. As technology evolves, so do the threats associated with it, making it crucial for individuals and organisations alike to stay up-to-date on the latest news and trends in IT security.
Upcoming AV-Comparatives’ Certification Tests 2023
As in previous years, we will be running certification tests for the following products:
- Anti-malware programs for macOS
- Anti-malware apps for Android
- Phishing protection for Windows and other platforms
- Parental control features for Windows and other platforms
- VPN programs for Android and Windows
We also offer various enterprise security tests, EPR/EDR tests and penetration tests.
Security vendors interested in any of the above tests are invited to contact us no later than the 31st of March 2023.
AV-Comparatives Prolongs ISO 9001:2015 Certification for Independent Testing of Anti-Virus Software
We are happy to announce that AV-Comparatives has been recertified as an ISO 9001:2015 testing lab. TÜV Austria have renewed the certificate for our management system with the scope “Independent Tests of Anti-Virus Software”.
Beware of Fake Online Shops and Fake Websites
In recent years, the Internet has become an indispensable part of our daily lives. We use it for communication, shopping, entertainment, and more. Unfortunately, with the convenience of the Internet comes the potential for malicious actors to exploit it. Two of the many forms of deception used by cybercriminals are fake online shops and fake websites (the latter also known as phishing websites). Whilst these may sound similar, they are in fact quite different forms of deception, and so different measures are required to avoid falling victim to them.