Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

2/27/2012
07:37 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

AhnLab Unveils Anti-APT Solution With Innovative Threat Prevention Technology

TrusWatcher allows organizations to protect their IT systems and digital assets against APT attacks

Click here for more articles.

SAN FRANCISCO--(BUSINESS WIRE)--AhnLab, Inc. (www.ahnlab.com), a leading provider of integrated security solutions, unveiled TrusWatcher, a comprehensive solution which prevents confidential data loss through APT (Advanced Persistent Threat) at the RSA Conference 2012.

AhnLab TrusWatcher allows organizations to protect their IT systems and digital assets against APT attacks, employs an automated diagnostic feature that analyzes all executable files, and executes them on virtual machines to determine unknown malware and suspicious behaviors in real-time. The solution also analyzes non-executable files, including .doc and .pdf, by adopting the world’s first “Dynamic Intelligent Contents Analysis (DICA)” technology developed by AhnLab. By incorporating the vast anti-malware database and anti-malware technology of cloud computing based on AhnLab Smart Defense, TrusWatcher delivers accurate, instantaneous detection of attacks.

APT attacks are better planned, more persistent, and more targeted than any cyber threats we have experienced before. Increasingly sophisticated, next-generation threats use social engineering and other advanced techniques to install malicious executables onto user PCs and avoid detection. Recent APT attacks use malicious files to penetrate the targeted organization’s network as the vulnerabilities of various document readers/editors are reported. Attackers can easily avoid the detection of their malwares for the APT attack by hiding them in document files. From the social engineering perspective, users tend to open attached files without doubt, rather than click URLs or run executable files in the emails. According to studies, attackers used malicious non-executable files for recent threats including RSA OTP Algorithm Breach, Operation Shady RAT, Lurid Attack and Sykipot Malware cases.

Traditional malware detection is no longer sufficient to cope with these multistage attacks and advanced techniques. These challenges require a new breed of defense strategy. APT prevention must cover the entire context of an attack, including identifying unknown malware, detecting suspicious traffic, and effectively removing the detected threat.

AhnLab TrusWatcher monitors traffic transferred over the network and determines whether destination web pages contain malicious files. When suspicious traffic is detected, TrusWatcher resets the TCP connection to block access to the site. It also detects suspicious activities typically associated with zombie PCs.

Utilizing the industry-leading, cloud-based knowledge from AhnLab Smart Defense- AhnLab’s cyber threat analysis platform and embedded virtual machine which runs suspicious files to detect malicious behaviors, TrusWatcher ensures more accurate detection of unknown threats.

AhnLab also unveiled today the adoption of “Dynamic Intelligent Contents Analysis (DICA)” Technology, the world’s first technology examines non-executable format files including .doc, .pdf and script, independent from the types of readers or editors. It also prevents all kinds of variants that exploit the vulnerabilities of the readers or editor programs.

“To prevent the data loss through sophisticated APT attacks, analyzing the network traffic and the hidden content is essential,” said Hong-Sun Kim, CEO of AhnLab. “AhnLab TrusWatcher will help companies to keep their mission-critical systems and the digital assets safe with AhnLab’s combined cloud-based security and network security technology, as well as innovative DICA technology.”

About AhnLab, Inc.

Headquartered in South-Korea, AhnLab Inc. (KRX:053800) develops industry-leading security solutions and provides professional services that are designed to secure and protect critical business and personal information. As a leading innovator in the information security arena since 1988, AhnLab's cutting edge products and services have been fulfilling the stringent security requirements of both enterprises and individual users. AhnLab’s products and services include anti-virus solutions, network, mobile and online game security, security management and consulting services. Today, AhnLab boasts a network of sales and research operations in more than 20 countries worldwide.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
MS8699
50%
50%
MS8699,
User Rank: Apprentice
2/28/2012 | 4:16:39 AM
re: AhnLab Unveils Anti-APT Solution With Innovative Threat Prevention Technology
AhnLab TrusWatcher monitors traffic transferred over the network and
determines whether destination web pages contain malicious files.
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-20001
PUBLISHED: 2021-04-11
In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory ...
CVE-2020-36317
PUBLISHED: 2021-04-11
In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sam...
CVE-2020-36318
PUBLISHED: 2021-04-11
In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free.
CVE-2021-28875
PUBLISHED: 2021-04-11
In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow.
CVE-2021-28876
PUBLISHED: 2021-04-11
In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety r...