Navigation Links
Zero-Day Attacks Among the Most Costly and Feared Hacker Tools for a Reason
Date:11/16/2013

New York, NY (PRWEB) November 16, 2013

Earlier this week, Microsoft’s patch Tuesday was another headline making day, mostly because of multiple zero-day exploits that needed patching which could compromise users of every version of their popular Internet Explorer (IE) web browser. A zero-day exploit is a flaw in a particular program unknown to the developer or IT security industry that hackers can take advantage of to launch cyber attacks while essentially remaining invisible to any standard anti-malware solutions. In this case, including flaws that would allow for remote code execution. To finally combat zero-day attacks and other sophisticated hard-to-detect threats, even before they are identified, documented and patched, Global Digital Forensics (GDF) has recently introduced the new Data Brach Response Toolkit (DBRT).

Zero-days and APTs

“Advanced Persistent Threats (APTs) are a constant danger for any business that relies on digital information, and a major headache for IT security personnel around the world,” says Joe Caruso, founder and CEO/CTO of GDF. “They are typically the work of organized hacker groups, from state-sponsored cyber armies to unaffiliated cybercrime rings with deep pockets. The sophistication of attacks from these well-funded adversaries makes them both very effective for the attackers, and quite costly for their victims on many fronts. And since stealth is the main ingredient of any successful large-scale cyber attack or espionage campaign, zero-day attacks are one of the most preferred malware delivery vectors due to their near invisibility - because they have not yet been reported, documented and patched. This is the inherent flaw with typical anti-malware solutions; they rely on matching a signature, or footprint, against a database of only known threats. Zero-day attacks allow hackers to use the time from when they identify an exploitable flaw in a program’s code to the time it is finally discovered and patched as their window of opportunity, and sometimes that window can cover weeks, months, or more. We designed DBRT with this fundamental weakness in mind. DBRT doesn’t rely on known signatures to fight malware, it recognizes suspicious program behavior to expose what is actually being done and to whom, allowing IT personnel to identify an attack, remediate it, and inoculate systems enterprise-wide against reinfection, all from a single command and control console.”

How would a security solution like DBRT have helped against these latest IE zero-days?

“Take the headliner zero-day attack from this recent batch Microsoft just patched. The full explanation in IT security lingo of how they did it would involve discussions about watering hole attacks, timestamps, ROP chains (Return-Oriented Programming), the “gadgets” being used by ROP to build a program on the fly from the existing stack, obfuscation techniques, and the function of the in-memory payload itself. But in a nutshell, it comes down to hackers exploiting a zero-day flaw in IE to inject bits of code into memory that will allow them to build their end-game exploit on the system by using parts of other programs already running in memory, essentially piggybacking on them to remain completely invisible to standard anti-malware solutions. It’s actually pretty brilliant. But DBRT is not a standard anti-malware solution. With DBRT we watch everything that goes on in memory and therefore you could see the new information as it calls back and builds their programs (the gadgets used by the ROP), even though they aren’t actually in memory in the end. Again, it’s about analyzing and identifying behavior, not matching signatures, and the easy to use interface makes everything straight forward and easy to understand.”

Updating your cyber security posture to deal with today’s threats

There are some basic steps everyone should follow to significantly reduce the chances of being the victimized by most forms of malware, but APTs and zero-day attacks are often in a different class. They are among the hardest to stop using yesterday’s reactionary approach to IT security. They are the threats that can prove devastatingly destructive and costly to even the most recognized and technologically savvy organizations on the planet. That’s why the time has come for intelligent proactive solutions to change that balance of power. Traditional antivirus and anti-malware solutions may do a great job of handling the vast majority of cyber threats businesses face on a daily basis, but their radar is simply not designed to handle sophisticated threats like today’s APTs and zero-day exploits. That takes a next-generation proactive solutions like DBRT, designed by veteran cyber security experts that live in the trenches of the cyber battlefield every day and know how hackers work in the real world.

A 30 day trial version of DBRT is available for download though Global Digital Forensics.

*Global Digital Forensics is a recognized industry leader in the fields of computer forensics services, electronic discovery (eDiscovery), cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a plan which will meet your unique needs. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber-incident has occurred, so don’t hesitate to get help. For more information, visit http://www.evestigate.com.

Read the full story at http://www.prweb.com/releases/2013-IE-Zero-Day/Zero-Days-and-APTs/prweb11340426.htm.


'/>"/>
Source: PRWeb
Copyright©2012 Vocus, Inc.
All rights reserved

Related medicine news :

1. Online Insurance Marketplace Explains How to Purchase Senior Life Insurance in Case of Heart Attacks
2. U-M study: Smarter blood pressure guidelines could prevent many more heart attacks and strokes
3. New Paper Argues Attacks on Family Planning Funds Limit Affordable Care Act's Effectiveness
4. Study shows no increased risk for heart attacks among HIV-positive patients with high CD4 cell count
5. Panic Away Review Reveals Natural Ways to Stop Panic Attacks
6. Medicare expenses for patients with heart attacks increase between 1998 and 2008
7. RI Injury Law Firm Posts New Infographic on the Failure to Diagnose Heart Attacks
8. Verdasys and FireEye Partner to Stop Cyber Attacks
9. Data suggests Abbotts test may help more accurately diagnose heart attacks in women
10. Expert to Offer Tips on Protecting Data from Cyber Attacks
11. Android Phone Owners Can Now Get Instant Calming Relief from Panic Attacks with New Panic Attack Aid App
Post Your Comments:
*Name:
*Comment:
*Email:
(Date:2/5/2016)... ... February 05, 2016 , ... Today, the Whole-Food Warrior TV show, ... much-anticipated feature with author Jahnavi Foster, specialist in healthy vegetarian cuisine, will stream on ... week, on his weekly Whole-Food Warrior TV show, Frank Davis highlights Whole-Food Warriors - ...
(Date:2/5/2016)... ... February 05, 2016 , ... The event is being held on ... Center in Minneapolis, Minn. Triumph Over Parkinson’s will fund nearly $100,000 for research for ... Furniture, lives with Parkinson’s disease and is the architect of this informative event to ...
(Date:2/5/2016)... ... February 05, 2016 , ... Francisco Canales, ... services in their Napa Valley office. The technique utilizes the body’s own healing ... Canales and Dr. Furnas, are part of only a select few cosmetic surgeons ...
(Date:2/5/2016)... ... February 05, 2016 , ... ... George H. Van Allen have signed a joint enrollment and degree completion agreement. ... pathway toward associate and baccalaureate degrees at FHU|Dickson. , The agreement allows ...
(Date:2/5/2016)... ... 2016 , ... The Lymphoma Research Foundation (LRF) – the ... the lymphoma community through a comprehensive series of education programs, outreach initiatives and ... Event at the La Gorce Country Club in Miami Beach on March 15, ...
Breaking Medicine News(10 mins):
(Date:2/5/2016)... February 5, 2016 --> ... report states that the global active pharmaceuticals ingredients (APIs) ... predicted to reach US$185.9 bn by 2020. It is ... 2014 to 2020. The title of the report is ... by Geography, and by Therapeutic Area) - Global Industry ...
(Date:2/5/2016)... -- Zimmer Biomet Holdings, Inc. (NYSE and SIX: ZBH) today ... offering of 11,027,558 shares of its common stock by ... and Goldman Sachs.  The shares are being sold to ... share. The selling stockholders will receive all of the ... of its directors, officers or other stockholders is selling ...
(Date:2/5/2016)... -- Henry Schein, Inc. (NASDAQ: HSIC ), the world,s largest ... dental, animal health and medical practitioners, announced today that ... majority ownership interest in Dental Cremer S.A., a distributor ... . --> ... dental distribution business of Cremer S.A. With 2015 sales ...
Breaking Medicine Technology: