This entry was posted on Monday, January 28th, 2008 at 12:00 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Presentation Based on Series of Anti-Virus and Anti-Spyware Vulnerabilities First Discovered by Nevis Labs in Late 2007
MOUNTAIN VIEW, Calif. — Nevis Labs, the vulnerability and threat research arm of Nevis Networks, today announced that Feng Xue (aka SoWhat), a Technical Lead of Nevis Labs, will present a paper at the Black Hat Europe 2008 conference related to his research and recent discovery of a series of new vulnerabilities in anti-virus software, including one which could lead to a buffer overflow attack in Trend Micro AntiVirus plus AntiSpyware 2008. Nevis Labs was credited with finding vulnerabilities in a total of three commercial anti-virus packages in late 2007. The Black Hat talk titled, "Attacking Anti-virus," will focus on a broad range of possible anti-virus exploitations, auditing of anti-virus software, and the details of Nevis Labs’ research methodologies.
Black Hat Europe will be held March 25-28, 2008 in Amsterdam. Black Hat conferences attract the most prestigious names from the full spectrum of security thinkers and stays on the leading edge of new security trends as they emerge. Mr. Xue’s selection to be a speaker on the topic of attacking anti-virus software demonstrates Nevis Labs’ leadership position in this area, as well as the fact that desktop anti-virus systems alone are not enough to thwart today’s sophisticated malware.
"Our world-class threat detection lab maintains vigilant and continuous research for vulnerabilities worldwide," said Dominic Wilde, vice president marketing at Nevis Networks. "With this recent series of disclosures of vulnerabilities in anti-virus software, along with our presentation at Black Hat, we hope to communicate the limitations of relying solely on desktop security suites to stop malware since they are proven to introduce vulnerabilities themselves."
Nevis Labs is currently cooperating with several anti-virus vendors to patch vulnerabilities in their products. The details of these vulnerabilities will be disclosed once patches are released by the vendors. The Trend Micro patch credited to Nevis Labs is currently available at: http://esupport.trendmicro.com/support/viewxml.do?ContentID=1036464.
About Nevis Labs
Nevis Labs is a worldwide organization that provides round-the-clock monitoring, analysis and solutions for LAN security threats. The company’s security experts conduct their own research into vulnerabilities in Operating Systems as well as monitoring public sources of information on threats. Nevis Labs produces signature updates for Nevis products as well as updating its endpoint verification software to ensure the latest updates for anti-virus, OS patches and anti-spyware software are recognized. These updates are provided to Nevis customers on a continuous basis.
About Nevis Networks
Nevis Networks is a market leader in secure switching and identity-based policy enforcement appliances. The company’s LANenforcer product family transparently enforces identity-based policies in real time within the network fabric, tightly controlling who can access a company’s network and what resources they are permitted to use. Cross-industry customers, ranging from financial services, healthcare, education and defense contractors deploy Nevis LANenforcers to protect sensitive network resources and assets, and significantly reduce the overall costs and time to resolve security breaches and conduct network audits. The company is headquartered in Mountain View, CA, with additional R&D centers in Pune, India and Beijing, China.
COPYRIGHT 2008 Business Wire
COPYRIGHT 2008 Gale, Cengage Learning
Information provided by: Findarticles.com
