Forwarded From: darek milewski <darekm@cmeasures.com>
http://www.centraxcorp.com/srgrel.html
CENTRAX'S SECURITY GROUP (SRG), DETECTS NEW CLASS OF SECURITY THREAT
SAN DIEGO, Calif.-- (Business Wire) -- October 20, 1998 -- Centrax
Corporation, the experts in detection and response technology, today
announces the detection of a new class of Microsoft® Windows® NT security
threat that allows unauthorized insiders to gain access to sensitive
information and bypass all other security in Windows NT. Methods to
exploit this attack are already circulating on the Internet and new
methods are being invented, making this a very real and present danger to
corporations worldwide. The Security Research Group (SRG) at Centrax
Corporation has identified the entire class of attacks so that new methods
to exploit this attack will always be detectable even though they have not
been invented yet.
This new class of insider threat is based on individuals using hacker
tools and techniques to add unauthorized users to administrative groups.
Specific attacks in the class have been circulated on the Internet under
names such as "SecHole" and "GetAdmin." While Microsoft has delivered
hotfixes for these specific attacks, new mutations of the attack will
continue to surface. The Centrax solution detects the root cause of the
attack independent of the mutation used to perpetrate it, giving Centrax
the ability to detect attack methods that have not yet been invented.
"Organizations with sensitive or critical information need to be aware of
this class of threats that are perpetrated by insiders," said Ira Winkler,
president of Information Security Advisory Group and author of Corporate
Espionage. "So much time and attention is spent on outsider attacks and
perimeter defenses that corporations forget that the majority of losses
occur from the inside."
"Intrusion detection products are only as good as their analysis engines,"
says Paul E. Proctor, chief technology officer, Centrax Corporation. "This
advanced analysis, completed by the Centrax SRG, will significantly
improve detection capabilities and lower the management overhead involved
in detecting the insider threat."
About SRG
The Security Research Group at Centrax Corporation uses their experience
in information security to help Centrax customers. The group has several
decades of experience with an emphasis in host-based intrusion detection.
They use their knowledge to create new security policies and detection
capabilities for the Centrax Security Suite of products. This latest class
of attacks will be detectable in eNTrax Version 2.1 that is currently in
beta and scheduled for release in December, 1998.
About Centrax
Centrax offers a comprehensive line of security solutions for the
enterprise and is dedicated to providing the most advanced assessment,
monitoring, detection and response technology. The Company’s experts have
been designing and developing intrusion detection solutions for over a
decade, some of which are currently protecting some of the nation’s most
vital secrets. Centrax is a privately held company located in San Diego,
California. Call Centrax Corporation at (619) 546-2400 or (800) 546-7733
for additional information or visit our Web site at www.centraxcorp.com.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Thu Nov 12 09:21:54 1998