Lurhq Reports Sasser Worm Rapidly Spreading Across Internet
Posted on 03 May 2004.
CHICAGO, May 1, 2004--- LURHQ, the leader in Managed Security Services for security professionals, today announced that earlier today LURHQ began monitoring suspicious traffic on port 445 indicating the possible emergence of a new worm. By late morning, LURHQ confirmed the presence of the new worm, named Sasser, which exploits the recently announced Microsoft Local Security Authority Subsystem Service (LSASS) vulnerability.

How Sasser Propagates

Once the Sasser worm exploits this vulnerability on a host it continues to spread to other hosts causing increased traffic, which could lead to a denial of service attack. LURHQ predicted the emergence of an LSASS-based worm in its April 29th Advisory announcing the availability of the LSASS exploit code. For more information on this advisory, please reference http://www.lurhq.com/lsassadvisory.html.

Currently, LURHQ is monitoring Sasser-related activity across all its Managed Security Services client networks. To protect enterprise assets from the Sasser worm, organizations should patch windows systems and ensure all protection mechanisms, such as Intrusion Detection and Intrusion Prevention systems, have up-to-date signatures.

For more information on Sasser and its impact, please visit http://www.lurhq.com/sasser.html or contact LURHQ to arrange an interview.

About LURHQ

LURHQ is the leading provider of Managed Security Services for security professionals. Founded in 1996, LURHQ empowers security professionals at more than 400 clients by providing effective Threat Management solutions. Threat Management integrates 24X7 protection, discovery, assessment, detection, response and early warning. Our Threat Management capabilities enable clients to enhance their security posture while reducing overall security program costs. LURHQ?s OPEN Service Delivery methodology facilitates a true partnership with clients by providing real-time enterprise security vision and service transparency. For more information visit http://www.lurhq.com.





Spotlight

Windows 0-day exploited in ongoing attacks, temporary workarounds offered

Posted on 22 October 2014.  |  A new Windows zero-day vulnerability is being actively exploited in the wild and is primarily a risk to users on servers and workstations that open documents with embedded OLE objects.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Oct 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //