Commtouch and Proofpoint Report: Server-Side Polymorphic Viruses Defeat Traditional AV Solutions.

Real-Time Malware Protection Reduces Enterprise Costs

MOUNTAIN VIEW, Calif. & CUPERTINO, Calif. -- Computer viruses, which grew progressively more virulent over the course of 2006, overwhelmed traditional Anti-Virus solutions according to the 2006 Email-borne Malware Review released today by Commtouch (Nasdaq:CTCH) and Proofpoint, Inc. New server-side polymorphic viruses that emerged during 2006 launched rapid burst attacks comprised of vast numbers of variants in order to circumvent common AV defenses.

"In 2006, a new distribution method for email-borne malware using massive numbers of short-lived and low-volume variants - as in the Stration/Warezov and 'Happy New Year!' virus attacks - turned every hour of an outbreak into a zero-hour," said Haggai Carmon, Commtouch Vice President of Products. "Throughout 2006, we began seeing outbreaks with thousands of distinct variants being sent in successive, overlapping waves of attacks lasting for weeks or even months. The barrage of wave after wave of such attacks made it nearly impossible for traditional AV solutions to create and propagate new signatures or heuristics in time to protect end-users from the risk of infection. We expect these types of attacks to continue and worsen through 2007."

In the past, copies of the same malicious code were mass distributed in large quantities, with one or just a handful of overlapping variants, per malware.
But as AV solutions developed faster signature publishing mechanisms, malware writers changed their tactics to better exploit the "zero hour" vulnerability inherent in traditional anti-virus approaches. In the latest attacks, malware distributors develop huge numbers of distinct malware variants and unleash them simultaneously, or in successive waves. With the arrival of these so-called "server-side polymorphic malwares," by the time a signature is released for one variant, that variant has stopped circulating, and several new variants have been unleashed.

"Without real-time protection, enterprises leave themselves exposed to an unacceptable level of risk, because the cost of remediating malware infections can run as high as $500 per infected desktop," said Rami Habal, Director of Product Marketing for Proofpoint. "When an organization is getting hammered with thousands of variants of each new virus, it's crucial to block each new variant immediately to prevent serious losses."

The Proofpoint Zero-Hour Anti-Virus[TM] module incorporates Commtouch Zero-Hour[TM] Virus Outbreak Protection to identify new virus activity and take preventive action at the earliest stages of a virus outbreak, keeping messaging systems safe until updated anti-virus signatures are available.

"We have been pleased to see that Proofpoint Zero-Hour Anti-Virus automatically quarantines so many different malware variants that would otherwise be missed by a purely signature-based AV engine," said Peter Skibitzki, Network Security Officer for the Placer County Office of Education. "The zero hour protection provided by Proofpoint and Commtouch completely eliminates the risks posed by rapidly-mutating viruses such as the recent 'Happy New Year!' attack, saving us from a lot of security headaches and, more importantly, eliminating the potentially huge costs involved in cleaning up infections."

Commtouch Zero-Hour[TM] Virus Outbreak Protection detects and blocks email-borne outbreaks - including server-side polymorphic malware - within moments of their release on the Internet. Powered by its Recurrent Pattern Detection[TM] technology, Commtouch's Zero-Hour service is offered to messaging, security and anti-virus vendors for OEM integration as a complementary outbreak detection solution. Proofpoint has integrated Commtouch Zero-Hour Virus Outbreak Protection technology as part of an optional module for its Proofpoint Messaging Security Gateway[TM] appliance and Proofpoint Protection Server[TM] software solutions to ensure advanced email defense for its enterprise clients.

To access the 2006 Email-borne Malware Review, click http://www.commtouch.com/documents/2006_Email_Borne_Malware_Review.pdf or http://www.proofpoint.com/malware-report-2006.

About Proofpoint

Proofpoint provides messaging security solutions for large enterprises to stop spam, protect against email viruses, ensure that outbound messages comply with both corporate policies and external regulations and prevent leaks of confidential information via email and other network protocols. The company's flagship products, the Proofpoint Messaging Security Gateway[TM] and Proofpoint Protection Server[R] provide future-proof messaging security using Proofpoint MLX[TM] technology, an advanced machine learning system developed by Proofpoint scientists and engineers. Proofpoint was founded by technology visionary and former CTO of Netscape Communications, Eric Hahn. The Cupertino, California-based company is funded by investors including Benchmark Capital, Bridgescale Partners, Inventures Group, JAFCO Ventures, Meritech Capital, Mohr, Davidow Ventures, and RRE Ventures.
For more information, please visit http://www.proofpoint.com.

Proofpoint, Proofpoint Protection Server, Proofpoint Messaging Security Gateway and Proofpoint Zero-Hour Anti-Virus are trademarks, registered trademarks or licensed trademarks of Proofpoint, Inc. All other trademarks contained herein are the property of their respective owners.

About Commtouch

Commtouch Software Ltd. (NASDAQ:CTCH) is dedicated to protecting and preserving the integrity of the world's most important communications tool - e-mail. Commtouch has over 16 years of experience developing messaging software and is a global developer and provider of proprietary anti-spam and Zero-Hour virus protection solutions. Using core technologies including RPD (Recurrent Pattern Detection[TM]), the Commtouch Detection Center analyzes billions of email messages per week to identify new spam and malware outbreaks within minutes of their introduction into the Internet. Integrated by more than 50 OEM partners, Commtouch technology protects thousands of organizations, with hundreds of millions of users in over 100 countries. Commtouch is headquartered in Netanya, Israel, and has a subsidiary in Mountain View, Calif.

For more information, see: www.commtouch.com. The site includes the Commtouch online lab detailing spam statistics and charts.

Recurrent Pattern Detection, RPD and Zero-Hour are trademarks, and Commtouch is a registered trademark, of Commtouch Software Ltd. U.S. Patent No. 6,330,590 is owned by Commtouch.