Æntievasion
antievasion.com | Dec 20th 2010 6:36 PMIt appears that this may be a homepage or an index page with non-article content. To accurately view it, you may want to switch to the Full Web Page view.
If you know there should be an article here, help improve the article parser by reporting this page. Thanks!
News 124 New Advanced Evasion Techniques Discovered and Disclosed for Global Vulnerability Coordination. Download press release (PDF). The Principles of Æntievasion
Video Demonstration
Watch the ICSA Webinar
What CERT-FI's IDS/IPS Advisory on the first 23 evasion techniques means, and how you should act to protect your data and network. Featuring Jack Walsh, ICSA Labs. Recorded live on 7 Jan, 2011.
Watch part 1 >
Watch part 2 >
Releases
Stonesoft"Stonesoft, an innovative provider of integrated network security and business continuity solutions, today announced it has discovered 124 new advanced evasion techniques (AETs). Samples of these AETs have been delivered to the Computer Emergency Response Team (CERT-FI), who will continue to coordinate a global vulnerability coordination effort."
CERT-FI"The vulnerability resulting from IDS/IPS evasion methods can be seen as critical as they can result in effectively voiding the protections provided by a security system. Users that employ IDS/IPS systems as virtual patches are particularly exposed to these kinds of evasions.", CERT-FI announces. "Organisations employing IDS/IPS to protect their networks should consider employing complementary means for detecting and preventing network attacks."
Gartner"Evasion techniques are NOT exploits, but they can be used to make existing exploits more effective in breaching perimeter defenses," research analyst Bob Walder explains. "It has been determined via independent testing that some of the new combinations discovered are capable of evading certain market-leading IPS devices, thus increasing the risk of compromise for users of those devices."
CERT-FI"CERT-FI started to coordinate the remediation and publication process related to the findings of Stonesoft during the summer. During the last few months, research has uncovered new evasion techniques, which have in turn been reported to vendors. A number of security system vendors are investigating the effects of the findings on their products."
ICSA Labs"Stonesoft has discovered new ways AETs can evade many network security systems," said Jack Walsh, intrusion detection and prevention program manager at ICSA Labs. "We were able to validate Stonesoft’s research and believe that these advanced evasion techniques can result in lost corporate assets with potentially serious consequences for breached organizations."
StonesoftStonesoft, an innovative provider of integrated network security and business continuity solutions, today announced the discovery of new, advanced evasion techniques (AET) that can pose a serious threat to existing network security systems worldwide. These AET threats significantly extend what is known today about evasion techniques. The details of this discovery have been shared with CERT-FI in Finland for vulnerability coordination purposes and validated by ICSA Labs.
Join the community
Start New TopicMedia
See other related content in Other platforms
Twitter YoutubeLatest in the Media
Read what security experts from Sourcefire, Stonesoft, Altius IT, The Enterprise Group and Trusteer say about the AET threat.Processor Advanced evasion techniques under the microscope
SC Magazine AET: Brillante Tarnkappe für Malware entdeckt (in German)
http:/business.chip.de Evading the truth about security
www.computerweekly.com Talk about evasions. Interesting reading about AETs
Dark Reading Stonesoft comes up with more ways to defeat intrusion prevention systems
NetworkWorld Hackers may have advanced evasion techniques
Government Computer News Stonesoft claims new attack vectors blast hole in IT security defences
Infosecurity
Original Page: http://www.antievasion.com/
Shared from Read It Later
No comments:
Post a Comment