NEWT blocks email attacks that link to Web-based malware

Dark Reading Staff, Dark Reading

December 6, 2007

2 Min Read

LINDON, Utah -- AvintiR, a proactive e-mail security solutions company, announced a recent surge in blended threat e-mails, likely linked to the increase in holiday spam messages. The company has seen an average of over 750 new, unique blended threats per day blocked by its NEWT (Neutralize E-mail and Web Threats) filters starting in the last week of November, up substantially from the prior period. In addition, the company announced that its free NEWT filter, previously in public beta, is now available to all users.

Blended threats are an increasingly popular way for hackers to bypass traditional e-mail security by using messages that include embedded hyperlinks to URLs or IP addresses on the Web. These sites, which are often hosted on botnet-infected computers, contain malware that is downloaded on the users system automatically and without their interaction. In order to be infected, users often just have to click on the link to the site. Some of the malware is also on legitimate sites that have been injected with a cross-site scripting hack, making detection and blocking by Web filters difficult.

NEWT is Avinti's plug-in filter that runs on the most popular MTAs (Mail Transfer Agents) and leverages the power of Avinti's iSolation Server to stop blended threat attacks. By using Avinti's database of URLs and IP addresses that link to known malware sites, it can block, tag, or quarantine e-mails containing threats. Signatures for malicious Web sites, created by Avinti's iSolation Server and pulled from malware lists, are regularly forwarded to the NEWT agent, updating it with the latest threats. Reciprocally, new URLs are fed anonymously to iSolation Server by NEWT, building off of the power of the collective NEWT agents.

"While NEWT is a Freeware product, it takes advantage of the patent-pending technology we've developed in our iSolation Server for real-time threat detection," said William Kilmer, Avinti CEO. "When the iSolation Server detects a malicious URL sent by NEWT, we automatically create a signature for NEWT, providing updates regularly."

Avinti Inc.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights