The state of Information Security
Malware authors have figured out how to evade AV by continually tweaking their binaries. They can circumvent content filtering systems by hacking legitimate sites (banner ads, etc.) that users are allowed to access. They flow right by IDPS and Malware Detection Systems through the same type of techniques. Firewalls offer good protection for inbound connection attempts, though the threat vector now consists of an attacker riding back in on legitimate outbound connections.
The Internet Protocol, version 6 (IPv6) was designed to alleviate the address space
limitations of IPv4 and provide additional security and routing capabilities. The protocol
itself, however, can be misused to deliver malware in a way that eludes detection by
firewalls or intrusion detection systems (IDS) not configured to recognize IPv6 traffic.
This problem can be amplified in cases where malware is used to reconfigure vulnerable hosts to allow IPv6 traffic.
Conditions and Technology