How to protect yourself against 0day threats: facing the unknown

2014/12/05

Antivirus systems include a signature file called a "blacklist" so that they can recognize and destroy known threats, and some also include a so-called "whitelist" of files known to be valid and allowed to run. Traditional antivirus can deal well with what is known, but what about the unknown?

A 0day threat is defined as an unknown threat: a 0day attack uses a new virus, worm or other malicious software for which antivirus vendors have not yet added signatures to their databases or updated their software to prevent it.

The fight against so-called 0day malware takes place in the window between its discovery and the creation of an AV signature; once it is found, most AV vendors update their signatures within an hour. However, the malware itself may do great damage during the period before it is discovered, so companies should not rely on signature-based detection.

In the last few years, Java, Adobe Reader, Adobe Flash and IE have repeatedly been found to contain flaws that hackers can use for 0day attacks; the Department of Homeland Security last year even suggested disabling Java on computers. Beyond these best-known cases, any browser or other software may carry a 0day threat.

This is why Comodo created computer and network security systems that protect against 0day threats. Comodo's architecture includes multiple layers of technology to identify unknown malware. These include real-time performance analysis, Instant File Find and advanced heuristics.

 
