NSS Labs' research indicates that over the past 18 months, the sophistication and strategic capabilities of cybercriminals has outstripped the pace of advancement within information security products. In addition to traditional remote attacks against servers, cybercriminals are increasingly waging highly targeted campaigns against desktop client applications.

The most common delivery mechanisms for socially-engineered malware (SEM) are typically via the web and email, but it is not always necessary for end users to succumb to the lure of well-crafted phishing attacks in order to be compromised. The use by attackers of household name web sites to serve exploits to their visitors proves that it is no longer necessary to venture into a "dark corner" of the Internet in order to be exploited. Also evident is the fact that our desktop AV and network security solutions are no longer protecting us adequately.

To regain the upper hand against next-generation attacks, enterprises must in turn evolve their network defenses to provide next-generation protection. Through constant testing of suspicious code and blocking of communications with malicious hosts, next-generation scanning solutions are capable of providing enhanced protection against advanced malware, zero-day and targeted attacks that could bypass defenses like next-generation firewalls, network IPS, antivirus / endpoint protection (including host intrusion prevention), and secure web gateways.

The Huawei-Symantec DSE System was tested by NSS Labs in April 2011. During this test only the WSS and DSC component of the system were tested since these represent the core functionality of the DSE system in terms of detection and storage for later analysis.

Learn:

• The average catch rate for socially-engineered malware and exploits
• Socially-engineered malware detection over time
• Exploit catch rate
• and more...

Free Report