Network Security Podcast

While I’m sure Mikko Hypponen, Chief Research Officer at F-Secure, is getting as tired as hearing the term APT* as the rest of us are, he had some insight into what’s really happening with this threat and the fact that it’s not something new, it’s just the acknowledgment that it’s happening that’s new.  He’s been seeing similar attacks going on for nearly six years, what’s changed is the recognition and public attention to the threat that’s something new.  He believes that the organized crime component of malware will be moving to smart phones as the criminals realize that it’s easier to make money quickly and easily from phones than the complicated hoops they have to jump through to make money from computers.

NSP-RSAC2010-FSecure.mp3

* I’m with @CSOAndy who believe the A in APT should stand for Adaptive, not Advance.  It’s much more descriptive of what’s really happening.

I caught up with Pedro Bustamante, Senior Research Analyst from Panda Security, for a brief interview about what his company is doing in 2010.  Panda recently received ICSA Lab certification of their cloud AV product, which required some retooling of the ICSA processes.  Panda is releasing a new, free, no-registration version of their product as well as an upgraded version of their existing anti-virus that includes many of the features that Panda customers have been asking for.  We talked about a new USB vaccine Panda is releasing which ‘inoculates’ a USB drive by writing an unalterable file to the drive before a virus can.  Finally we discussed the sheer amount of data Panda is collecting and how much of it they’re able to process automatically.  But there does, and always will, remain a small fraction of a percent of the data that has to be inspected by human beings to catch the new and the interesting that malware writers are creating.

NSP-RSAC2010-PandaSecurity.mp3