Malicious code rise driven by web

The number of new pieces of malicious software has doubled in the last year with the web being used increasingly to distribute the code, a report says.
In the first quarter of 2007, security firm Sophos identified 23,864 threats, up from 9,450 on this time last year.
“With computer users becoming increasingly aware of how to protect against email-aware viruses and malware, hackers have turned to the web as their preferred vector of attack,” said the report.

Is the (my) combination of an AV and BOclean good protection against this type of threat? Or does it require more than that?

The requirement, LOL, is probably that we unplug our computers, then use an abacus, pencil and paper.

Jokes aside, yes a layered security is best, along with all updates and patches (not only to the OS, but any other software that connects to the web, and firmware driver upgrades as well).

With the idea in mind that prevention is better than a cure, I think the primary defense layer would best be a HIPS/IDS system, whereby malware is prevented from ever running in the first place. Depending on the effectiveness of the HIPS in question, that might negate further security software along those lines.


Just disable browser scripting and you’re 50% protected already. Or you can try sandboxing whereby the malware (if downloaded) can only exist within the sandbox. I wonder which one comes first. Maybe scripting because it’s at the browser level. Of course, this depends on what kind of malware, too.