VB2017 preview: Calling all PUA fighters

Posted by   Martijn Grooten on   Aug 31, 2017

While a lot of attention is focused on the fight against advanced malware, a different kind of threat is providing just as big a headache for security companies: that of apps (often free ones) whose behaviours sit right on the limits of what is acceptable from a security point of view. The "better safe than sorry" approach preferred by security vendors usually doesn't align with the views of their customers – or those of the often powerful lawyers employed by the vendors of some of these apps.

Last year, industry veteran Dennis Batchelder set up AppEsteem to take an interesting and pragmatic approach to this issue. Rather than come up with even more complicated ways of blocking potentially unwanted apps, he is working with the app developers and distributors themselves, to ensure they stay within the limits of what is acceptable from a security point of view. AppEsteem then provides feeds and services to security vendors, to help them avoid blocking such apps – while at the same time, making it easier to block those that do engage in malicious or deceptive behaviour.

We have asked Dennis to give a Small Talk at VB2017 to discuss how this works, and to explain how security vendors and testers can make use of AppEsteem's services.

Don't forget to register for VB2017 to learn about the latest threats, how to fight them and how to collaborate with others in the industry.

VB2017-325w.jpg

 

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

Throwback Thursday: Giving the EICAR test file some teeth

The 68-byte EICAR test file plays as important a role today as it did 19 years ago. In this week's Throwback Thursday we look back at a VB99 conference paper in which Randy Abrams described how this 'miracle tool' worked and how it could be used.

XMRig used in new macOS cryptominer

A new piece of cryptocurrency-mining malware on macOS has been found to use the popular XMRig miner.

Tendency for DDoS attacks to become less volumetric fits in a wider trend

CDN provider Cloudflare reports an increase in DDoS attacks targeting layer 7 and focusing on exhausting server resources rather than sending large volumes of data. This fits in a wider trend.

Turkish Twitter users targeted with mobile FinFisher spyware

Through fake social media accounts, users were tricked into installing an Android application that was actually a mobile version of the FinFisher spyware.

Hide'n'Seek IoT botnet adds persistence

The Hide'n'Seek IoT botnet has received an update to make its infection persist on infected devices beyond a restart.