New Malware Technique AET Targeting IPSs
Recently, researchers at Stonesoft, a provider of integrated network security and business continuity solutions, revealed a new type of malware called 'Advanced Evasion Techniques (AET)', which can pass through most intrusion-prevention systems (IPSs) to insert even prominent flaws like Conficker and Sasser into targeted systems without leaving any trace behind.
Stonesoft researchers further explained that AETs combine more than one known simple evasion technique. IPSs are capable of defending against each of these individually, but the combination makes them quite difficult for IPSs to detect.
To be precise, AETs give today's cybercrooks a master key for gaining control over any vulnerable machine by evading today's network security systems.
Jack Walsh, Network IPS Program Manager at ICSA (International Computer Security Association), warned that all of the IPSs checked failed to block at least a few of the AETs, including a version of Stonesoft's own IPS, as reported by 'NETWORKWORLD' on 18th Oct. 2010.
Furthermore, these AET threats considerably extend the range of evasion techniques. Information about this discovery has been reported to CERT-FI (Computer Emergency Response Team in Finland) for the purpose of flaw coordination and has been verified by ICSA Labs.
For the purpose of safety and security, CERTs in various nations are sending warning letters and notices to numerous IPS vendors to inform them of the threat so they can take steps to protect against AETs.
According to Jussi Eeronen, an Information Security Advisor at CERT-FI, CERT-FI has enlisted the help of CERTs in other nations to spread the message, and the aim is for security vendors to improve their gear to control AETs, as reported by 'NETWORKWORLD' on 18th Oct. 2010.
Eeronen added that continuous collaboration among Stonesoft, CERT-FI, and other network security vendors is necessary for repairing the identified flaws, as reported by SunHerald on 18th Oct. 2010.
Furthermore, CERT-FI is cautioning security firms whose products might be affected by AETs, so that they can take defensive measures against such threats.
SPAMfighter News - 28-10-2010