Company’s LANenforcer Systems Stop Email-based Attack with New Threat Detection Signature
MOUNTAIN VIEW, Calif. – January 22, 2007 Security Alert: A powerful new blended threat dubbed the “Storm Worm” is spreading quickly across Europe and the United States. “Storm Worm” is a Windows-based mass mailer that delivers a Trojan program in the form of an email attachment. Characteristics: The worm arrives via email using the following subject headers: “Killer at 11, he’s free at 21 and kills again!”; “230 dead as storm batters Europe”; “Naked teens attack home director British Muslim’s genocide”. The attachment to these mass mailers contain one of the following: “Full Clip.exe”; “Full Story.exe”; “Read More.exe”; “Video.exe”. Users that click on the attachment launch a Trojan code. Systems Affected: Microsoft Windows 95/98/98SE/2000/XP/ME/Server 2003. The severity rating is HIGH.
Nevis Solution
The company’s LANenforcer systems apply advanced anomaly detection capabilities to continuously detect and mitigate virus, worm and blended threat outbreaks such as the Storm Worm to persistently protect customers. Nevis Networks has successfully protected all of its customers from being affected by this blended threat outbreak, and Nevis Labs, the threat detection arm of Nevis, also issued a new signature within 24 hours of the outbreak to clinically identify the threat and provide additional targeted remediation information. The LANenforcer also verifies that all endpoints attempting to access enterprise LANs have the most current anti-virus software capable of detecting new incoming email carrying the Storm Worm.
“This kind of blend threat outbreak is exactly what our persistent LAN Security solutions are designed to mitigate,” says Shane Buckley, chief operating officer with Nevis Networks. “Because we apply advanced anomaly detection technology to stop this kind of ‘zero-day’ threat, we protected all of our customers from the Storm Worm. Nevis Labs immediately produced a signature for the Storm Worm which demonstrates how accurate and responsive our LANenforcer systems are when it comes to detecting and troubleshooting LAN security issues. Our signatures are specifically designed to catch variants of blended threats such as the Storm Worm.”
About Nevis Labs
Nevis Labs is a worldwide organization that provides round-the-clock monitoring, analysis and solutions for LAN security threats to ensure Nevis customers are protected from risks. Security experts conduct their own research as well as monitor public sources of information on threats. LAN threats are quickly assessed and information is published about each, providing Nevis customers with an in-depth understanding of each, what they target, and how to protect their network. When a LAN security threat is detected, Nevis Labs analyzes it and if appropriate, develops a signature update that is made available to customers. To signup for the free regular Nevis Labs newsletter update, visit https://nevisnetworks.com/services.php?id=10