eEye Digital Security Discovers "Big Yellow" -- a Non-Microsoft Internet Worm/Botnet Propagating via Symantec Anti-Virus Software

Leading Enterprise Security Vendor Notes "Big Yellow" As First of Many Attacks Focused on Desktop Applications Other Than Microsoft

Award-Winning Blink® Professional Endpoint Security Software Already Protects Enterprise Customers

ALISO VIEJO, Calif. -- eEye Digital Security®, the leading developer of endpoint security and vulnerability management software solutions, as well as the industry's foremost contributor to security research and education, today announced that it has discovered Big Yellow, a significant, non-Microsoft-based malware that has both worm and botnet characteristics and is currently propagating in the wild using Symantec's popular anti-virus software. Big Yellow exploits a vulnerability in the remote management interface for versions of Symantec AntiVirus and Symantec Client Security, which could be remotely exploited by an anonymous attacker in order to execute arbitrary code with SYSTEM privileges on an affected system, thus giving the attacker complete control.

Many IT departments are not prepared for attacks on non-Microsoft-based applications and have not yet deployed the patch available for this widely deployed anti-virus software (available here: http://www.symantec.com/avcenter/security/Content/2006.05.25.html). As a result, this new class of malware presents a very potent problem for the enterprise. eEye discovered this vulnerability in late May 2006 and worked with Symantec to create a patch at that time. However, many IT departments have not yet deployed this patch, as heretofore they have not considered their desktop security applications as a point of vulnerability. Those enterprises that have already deployed Blink® Professional, eEye's award-winning endpoint security software, are already protected against this new form of malware eEye has named Big Yellow.

"Given the rapid discovery of critical security vulnerabilities within desktop applications other than Microsoft, the release of malware of this magnitude targeting non-Microsoft software was only a matter of time," said Marc Maiffret, eEye's founder and CTO. "IT urgently needs to understand that the new vector for attack will not come from Microsoft, but from the myriad applications that are scattered throughout its network. From anti-virus to iTunes, these non-Microsoft desktop applications, many of which IT is not even aware of, will become the enterprise's biggest point of vulnerability very, very quickly. We strongly recommend IT take two steps immediately. First, enterprises need to implement a vulnerability management program that includes more than just Microsoft applications. Second, enterprise IT should implement a comprehensive, integrated endpoint security product that delivers proactive protection from unknown and known threats."

eEye's world-class research team, which was also responsible for discovering Code Red, the world's first major Microsoft-based worm, discovered the Big Yellow malware late on December 14 on its "honey pot" network - a network designed specifically to identify new classes of attack. Additional details on this new worm can be found here: http://research.eeye.com/html/alerts/AL20061215.html.

Blink Professional, the industry's first Unified Security Client, sets a new bar in comprehensive, integrated endpoint security for the enterprise. In addition to the industry's strongest Host-based Intrusion Prevention System (HIPS), Blink consolidates multiple security functions onto a single, centrally managed agent. Blink is the first to deliver all of the system-based client security functions on a single agent, including HIPS, application and system-level firewalls, anti-phishing, anti-spyware, sophisticated control over removable storage, application execution control, dynamic policy control, a local Retina® vulnerability assessment scanner and, very soon, an anti-virus and anti-malware component as well. Deployed as a software agent on a Windows-based server, desktop PC or laptop, Blink Professional leverages multiple layers of protection -- more so than any other endpoint security product -- to shield individual digital assets from attacks and keep systems up and running.
Blink Professional not only delivers the industry's most comprehensive endpoint security for the attacks that are affecting users today, it unifies this functionality in order to reduce the memory and computing resources necessary to support the agent. Blink Professional also serves as a platform to which future security functionality can be added, effectively making it the last security agent that IT has to install and manage. Just as importantly, Blink can be deployed and managed from a central location, making it ideal for distributed network environments.

For those interested in protecting their networks with Blink Professional, more information, including a demonstration and a free product trial, is available for download on eEye's Website: http://www.eeye.com/html/products/blink/index.html. Consumers that are interested in protection from Big Yellow can also receive a copy of Blink Personal, eEye's free version of its endpoint security product for personal users, which is available for download on eEye's Website: http://www.eeye.com/html/products/blink/personal/index.html.

About eEye's Security Research Team

Over the last five years, eEye has been recognized by industry experts as the preeminent organization in the discovery of the most critical vulnerabilities in various platforms and applications, including the vulnerabilities subsequently leveraged by the Sasser, Witty and Code Red worms, as well as the Microsoft ASN vulnerability and hundreds of other important discoveries.
This expertise gives eEye a distinct advantage in designing services and software solutions for the assessment, remediation and prevention of vulnerabilities and the attacks that leverage them.

eEye's integrated family of vulnerability management solutions helps IT and security professionals confidently safeguard their valuable digital assets. Working in conjunction with popular tools such as firewalls and intrusion detection systems, eEye's product portfolio also includes Retina® Network Security Scanner, REM™ Security Management Console, Iris® Network Traffic Analyzer and SecureIIS™ Web Server Protection.

About eEye Digital Security®

eEye Digital Security is a leading developer of network security software, and the foremost contributor to security research and education. eEye's award-winning software products provide a complete vulnerability management solution that addresses the full lifecycle of security threats: before, during and after attacks. eEye's customers, Citigroup and the U.S. Department of Defense, represent the largest deployments of vulnerability assessment and prevention technology in the private and public sectors. eEye protects the networks and digital assets of more than 8,500 corporate and government deployments worldwide, including Avon, Continental Airlines, Dow Jones, EDS, Prudential, University of Miami, Viacom, Vodafone, Warner Music and Wyeth. Founded in 1998, eEye Digital Security is a privately held, venture-backed firm with headquarters in Orange County, California. For more information, please visit www.eeye.com.

All trademarks contained within this press release are the sole property of their respective owners and are hereby acknowledged.
