{"id":1615,"date":"2013-02-25T00:00:00","date_gmt":"2013-02-25T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2013\/02\/25\/the-security-threat-of-evasive-malware\/"},"modified":"2021-12-30T11:39:42","modified_gmt":"2021-12-30T11:39:42","slug":"the-security-threat-of-evasive-malware","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2013\/02\/25\/the-security-threat-of-evasive-malware\/","title":{"rendered":"The security threat of evasive malware"},"content":{"rendered":"<p>Lastline has released a new report that looks at how malware authors are able to exploit the limited visibility of automated malware analysis systems (sandboxes) and ensure that targeted attacks and zero day exploits remain successful. While environmental checks have been well documented, stalling code is the latest technique being utilized to spread malware.   It delays the execution of a malicious code inside a sandbox and instead performs a computation that appears legitimate.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The report finds that stalling codes are particularly troublesome because they \u201ccan no longer be handled by traditional sandboxes (even if the trick is known).\u201d<\/p>\n<p>\u201cCurrent sandboxes have a lack of visibility into the execution of a malware program,\u201d said Giovanni Vigna, CTO of Lastline.   \u201cTo detect this new breed of evasive threats, a sandbox needs to have visibility and must be able to do this stealthily. <\/p>\n<p>Link: http:\/\/www.net-security.org\/malware_news.php?id=2423<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-1615","post","type-post","status-publish","format-standard","hentry","category-product"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1615","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1615"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1615\/revisions"}],"predecessor-version":[{"id":4102,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1615\/revisions\/4102"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1615"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1615"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1615"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}