[ISN] Centrax Corporation: new class of security threat

From: mea culpa (jerichoat_private)
Date: Wed Nov 11 1998 - 22:47:32 PST

  • Next message: mea culpa: "[ISN] DCSB: Risk Management is Where the Money Is; Trust in Digital Commerce"

      This message is in MIME format.  The first part should be readable text,
      while the remaining parts are likely unreadable without MIME-aware tools.
      Send mail to mimeat_private for more info.
    Content-Type: TEXT/PLAIN; CHARSET=iso-8859-1
    Content-Transfer-Encoding: QUOTED-PRINTABLE
    Content-ID: <Pine.SUN.3.96.981111232735.18265dat_private>
    Forwarded From: darek milewski <darekmat_private>
    SAN DIEGO, Calif.-- (Business Wire) -- October 20, 1998 -- Centrax
    Corporation, the experts in detection and response technology, today
    announces the detection of a new class of Microsoft=AE Windows=AE NT securi=
    threat that allows unauthorized insiders to gain access to sensitive
    information and bypass all other security in Windows NT. Methods to
    exploit this attack are already circulating on the Internet and new
    methods are being invented, making this a very real and present danger to
    corporations worldwide. The Security Research Group (SRG) at Centrax
    Corporation has identified the entire class of attacks so that new methods
    to exploit this attack will always be detectable even though they have not
    been invented yet.=20
    This new class of insider threat is based on individuals using hacker
    tools and techniques to add unauthorized users to administrative groups.
    Specific attacks in the class have been circulated on the Internet under
    names such as "SecHole" and "GetAdmin." While Microsoft has delivered
    hotfixes for these specific attacks, new mutations of the attack will
    continue to surface.  The Centrax solution detects the root cause of the
    attack independent of the mutation used to perpetrate it, giving Centrax
    the ability to detect attack methods that have not yet been invented.=20
    "Organizations with sensitive or critical information need to be aware of
    this class of threats that are perpetrated by insiders," said Ira Winkler,
    president of Information Security Advisory Group and author of Corporate
    Espionage. "So much time and attention is spent on outsider attacks and
    perimeter defenses that corporations forget that the majority of losses
    occur from the inside."=20
    "Intrusion detection products are only as good as their analysis engines,"
    says Paul E. Proctor, chief technology officer, Centrax Corporation. "This
    advanced analysis, completed by the Centrax SRG, will significantly
    improve detection capabilities and lower the management overhead involved
    in detecting the insider threat."=20
    About SRG
    The Security Research Group at Centrax Corporation uses their experience
    in information security to help Centrax customers. The group has several
    decades of experience with an emphasis in host-based intrusion detection.
    They use their knowledge to create new security policies and detection
    capabilities for the Centrax Security Suite of products. This latest class
    of attacks will be detectable in eNTrax Version 2.1 that is currently in
    beta and scheduled for release in December, 1998.=20
    About Centrax
    Centrax offers a comprehensive line of security solutions for the
    enterprise and is dedicated to providing the most advanced assessment,
    monitoring, detection and response technology. The Company=92s experts have
    been designing and developing intrusion detection solutions for over a
    decade, some of which are currently protecting some of the nation=92s most
    vital secrets.  Centrax is a privately held company located in San Diego,
    California. Call Centrax Corporation at (619)  546-2400 or (800) 546-7733
    for additional information or visit our Web site at www.centraxcorp.com.=20
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:10:53 PDT