Stonesoft announced it has delivered 163 new advanced evasion technique (AET) samples for global vulnerability coordination. The new samples include AETs over a number of protocols, including IPv4, IPv6, TCP and HTTP.
Since the discovery of AETs a year ago, Stonesoft has continued extensive research in the area and has now delivered a new set of 163 AET samples to CERT-FI (the Finnish national computer security incident response team) for global vulnerability coordination.
The set comprises 54 atomic evasions and 109 combinations that can be further combined with each other or with the evasions in the previous releases to create new AETs. They also work efficiently over IPv6, which results in increased security risks and challenges.
In Stonesoft’s tests, the latest samples of AETs have successfully bypassed intrusion prevention system (IPS) devices currently on the market. As the number of AETs and their potential combinations is constantly growing, building efficient protection against them requires a profound understanding of network traffic. However, most network security vendors still demonstrate a lack of understanding of where the problem stems from and how to resolve it.
“Network security vendors have now had more than a year to provide their customers protection against AETs, but unfortunately we still have not seen much success in this area. Very few vendors have truly understood the magnitude of the problem, while some are struggling to provide some kind of protection. Most of the vendors who acknowledge the problem are incapable of building a working solution - instead, they are keeping themselves busy doing temporary and inflexible fixes. The rest just ignore the issue and do nothing,” said Ilkka Hiidenheimo, founder and CEO of Stonesoft.
According to Stonesoft, network security must be regarded as a dynamic, constantly evolving process. A security vendor who still uses 10-year-old protocol normalization methods to look for exploits or other malicious activities is prone to miss new threats. The core functionality of the protocol parsing cannot be static – instead, it has to evolve in order to meet the constantly changing threats. While new exploits, vulnerabilities and even attack vectors are constantly discovered and must be addressed quickly by security products, these new evasions require equally dynamic and fast responses.







