Information Technology Services

213.414.6534213.414.6534

SECURE COAT® BELIEVE IN SERVING, RATHER THAN EARNING

About

SANS Raises Infocon Alert To Yellow In Light Of Ne

Security experts closely monitoring spread of new zero-day threat

A zero-day flaw being used in targeted attacks against organizations worldwide -- most notably on SCADA systems -- has security experts worried that the threat could spread further. Concerns about additional attacks using the so-called "LNK" vulnerability in Windows machines via USB devices and fileshares prompted the SANS Internet Storm Center today to raise its Infocon alert level to "yellow," up from "green," or normal, status.

SANS made the call to go Code Yellow to help raise awareness of the vulnerability, which Microsoft officially revealed on Friday after security researchers in Belarus reported finding new malware samples that could infect a Windows 7 machine via an infected USB drive. "We decided to raise the Infocon level to Yellow to increase awareness of the recent LNK vulnerability and to help preempt a major issue resulting from its exploitation," blogged SANS ISC handler and security consultant Lenny Zeltser today. "Although we have not observed the vulnerability exploited beyond the original targeted attacks, we believe wide-scale exploitation is only a matter of time. The proof-of-concept exploit is publicly available, and the issue is not easy to fix until Microsoft issues a patch. Furthermore, anti-virus tools' ability to detect generic versions of the exploit have not been very effective so far."

The number of machines hit so far is only in the tens of thousands, according to some estimates, but many security experts worry that could change fast.

"This is not something to just shrug off," says Paul Henry, security and forensics analyst for Lumension Security. Henry says the biggest targets for the attack are Microsoft XP SP2 machines, which the software giant stopped patching as of this month.

Technology Partners
Scroll Left
  • Blue Coat Systems
  • SONICWALL
  • GFI
  • Check Point
  • Lurhq
  • Netscreen
  • Tipping Point
  • Crossbeam Systems
  • Latis Networks
  • Enterasys
  • eiq Networks
  • Blue Coat Systems
  • SONICWALL
  • GFI
  • Check Point
  • Lurhq
  • Netscreen
  • Tipping Point
  • Crossbeam Systems
  • Latis Networks
  • Enterasys
  • eiq Networks
  • Blue Coat Systems
  • SONICWALL
  • GFI
  • Check Point
  • Lurhq
  • Netscreen
Scroll Right
© 2012 All rights reserved. Secure Coat®, Suite# 426, 4th Floor, Block-14, Mashrique Centre, Suleman Farsi Road, Gulshan-e-Iqbal, Karachi-75300