Newly Discovered Threats Pose Serious Risks for Organizations Worldwide

Newly Discovered Threats Pose Serious Risks for Organizations Worldwide

ID: 45789

(Thomson Reuters ONE) -



Advanced Evasion Techniques Bypass Current Network Security Systems

Helsinki, Finland - October 18, 2010 - Stonesoft, an innovative provider of
integrated network security and business continuity solutions, today announced
the discovery of new, advanced evasion techniques (AET) that can pose a serious
threat to existing network security systems worldwide. These AET threats
significantly extend what is known today about evasion techniques. The details
of this discovery have been shared with CERT-FI in Finland for vulnerability
coordination purposes and validated by ICSA Labs.

Essentially, AETs provide today's cyber-criminals with a master key to access
any vulnerable system such as ERP and CRM applications by bypassing today's
network security systems. As a result, companies may suffer a significant data
breach including the loss of confidential corporate information. Additionally,
these types of AETs could be used by organized crime and cyber terrorists to
conduct illegal and potentially damaging activities.

Discovered in Stonesoft's research labs in Helsinki, Stonesoft reported the
discovery and sent samples of AETs to the national computer security incident
response team CERT-FI as well as ICSA Labs, an independent division of Verizon
Business that offers third-party testing and certification of security products
and network-connected devices. Charged with globally coordinating the
remediation of the identified vulnerabilities with network security vendors,
CERT-FI issued a vulnerability statement about advanced evasion techniques on
October 4, and also plans to update it today (Oct. 18).

"The issues identified by Stonesoft affect a range of content inspection
technology. Continuous co-operation among CERT-FI, Stonesoft and other network
security vendors is essential for remediating the identified vulnerabilities.




CERT-FI strives to facilitate this process," said Jussi Eronen, Head of
Vulnerability Coordination at CERT-FI.

"We have reason to believe that we have seen just the tip of the iceberg," said
Juha Kivikoski, Chief Operating Officer at Stonesoft. "The dynamic and
undetectable nature of these advanced evasion techniques has the potential to
directly affect the network security landscape. The industry is facing a non-
stop race against this type of advanced threats and we believe only dynamic
solutions can address this vulnerability."

"Stonesoft has discovered new ways AETs can evade many network security
systems," said Jack Walsh, intrusion detection and prevention program manager at
ICSA Labs.  "We were able to validate Stonesoft's research and believe that
these advanced evasion techniques can result in lost corporate assets with
potentially serious consequences for breached organizations."

AETs in the Wild

Stonesoft experts discovered the new threats while testing their own StoneGate
network security solution with the latest and most advanced attacks. Field tests
and experimental data show many of the existing network security solutions fail
to detect AETs and thus fail to block the attack inside.

Stonesoft cautions that hackers across the globe may already be using AETs in
advanced, targeted attacks.  With only a select few products available to
provide protection, organizations may be challenged to protect their systems
quickly.


Best Defense Against AETs.

The best defense against the dynamic and ever-evolving nature of AETs is
delivered through flexible, software-based security systems with remote update
and centralized management capabilities, such as the Stonesoft StoneGate network
security solution. These types of systems offer an unbeatable advantage against
new dynamic threats such as AETs.

However, most organizations today use static hardware-based solutions, which can
be difficult or even impossible to update against rapidly evolving and dynamic
threats.

For more information on advanced evasion techniques and to join the discussion
on how the network security industry can combat them, please visit
www.antievasion.com or follow the topic on Twitter at
http://twitter.com/anti_evasion. For more information on Stonesoft's StoneGate
network security solutions, please visit www.stonesoft.com.


Stonesoft Media Contact:

Stonesoft Corporation
Heli Harri, Marketing and Communications Manager
Tel. +358 40 718 4799
Email: heli.harri(at)stonesoft.com

SEK Public Oy
Henrietta Malmari, Communications Consultant
Tel. +358 40 575 5646
Email: henrietta.malmari(at)sekpublic.fi


Global Media enquiries 24 hrs: +358 40 823 7511



ICSA Labs Media Contact:

Brianna Carroll Boyle, Public Relations Manager, Verizon and ICSA Labs

+1 703-859-4251

brianna.boyle(at)verizon.com

CERT-FI Vulnerability Coordination can be contacted as follows:

Email: vulncoord(at)ficora.fi, Please quote the advisory reference [FICORA #385726]
in the subject line

Telephone: +358 9 6966 510, Monday - Friday 08:00 - 16:15 (EET: UTC+2)

Fax: +358 9 6966 515

Post: Vulnerability Coordination, FICORA/CERT-FI, P.O. Box 313, FI-00181
Helsinki FINLAND

CERT-FI encourages those who wish to communicate via email to make use of our
PGP key. The key is available at https://www.cert.fi/en/activities/contact/pgp-
keys.html. The CERT-FI vulnerability coordination policy can be viewed at
https://www.cert.fi/en/activities/Vulncoord/vulncoord-policy.html




About Stonesoft
Stonesoft Corporation (NASDAQ OMX: SFT1V) is an innovative provider of
integrated network security solutions to secure the information flow of
distributed organizations. Stonesoft customers include enterprises with growing
business needs requiring advanced network security and always-on business
connectivity.

StoneGate(TM) Secure Connectivity Solution unifies firewall, VPN, IPS and SSL
VPN blending network security, end-to-end availability and award-winning load
balancing into a unified and centrally managed system. The key benefits of the
StoneGate solution include low TCO, excellent price-performance ratio and high
ROI. The StoneGate Virtual Security Solutions protect the network and ensure
business continuity in both virtual and physical network environments.

StoneGate Management Center provides unified management for StoneGate Firewall
with VPN, IPS and SSL VPN. StoneGate Firewall and IPS work together to provide
intelligent defense all over the enterprise network while StoneGate SSL VPN
provides enhanced security for mobile and remote use.

Founded in 1990, Stonesoft Corporation is a global company with corporate
headquarters in Helsinki, Finland and Americas headquarters in Atlanta, Georgia.
For more information, visit www.stonesoft.com and the corporate blog
http://stoneblog.stonesoft.com.


[HUG#1452565]








This announcement is distributed by Thomson Reuters on behalf of
Thomson Reuters clients. The owner of this announcement warrants that:
(i) the releases contained herein are protected by copyright and
other applicable laws; and
(ii) they are solely responsible for the content, accuracy and
originality of the information contained therein.

Source: Stonesoft Oyj via Thomson Reuters ONE


Weitere Infos zu dieser Pressemeldung:
Unternehmensinformation / Kurzprofil:
drucken  als PDF  an Freund senden  Wärtsilä plans to reduce 400 jobs in its support functions Draka Holding N.V.: Nexans offers to talk with Draka on acquiring Draka
Bereitgestellt von Benutzer: hugin
Datum: 18.10.2010 - 10:03 Uhr
Sprache: Deutsch
News-ID 45789
Anzahl Zeichen: 0

contact information:
Town:

Helsinki



Kategorie:

Business News



Diese Pressemitteilung wurde bisher 261 mal aufgerufen.


Die Pressemitteilung mit dem Titel:
"Newly Discovered Threats Pose Serious Risks for Organizations Worldwide"
steht unter der journalistisch-redaktionellen Verantwortung von

Stonesoft Oyj (Nachricht senden)

Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).

Stonesoft accelerates its research and development ...

Helsinki, Finland -1 December 2009 - Stonesoft, an innovative provider of integrated network security and business continuity solutions, establishes a new research and development unit in Cracow, Poland in January 2010. The unit will employ seven (7) ...

Alle Meldungen von Stonesoft Oyj



 

Werbung



Sponsoren

foodir.org The food directory für Deutschland
News zu Snacks finden Sie auf Snackeo.
Informationen für Feinsnacker finden Sie hier.

Firmenverzeichniss

Firmen die firmenpresse für ihre Pressearbeit erfolgreich nutzen
1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z