Tripwire Vulnerability Management Solutions Detect Malware Compromising Networks of over 1,000 US Businesses - KNOE 8 News; KNOE-TV; KNOE.com |

Tripwire Vulnerability Management Solutions Detect Malware Compromising Networks of over 1,000 US Businesses

Posted:

This article was originally distributed via PRWeb. PRWeb, WorldNow and this Site make no warranties or representations in connection therewith.

SOURCE:

Free service detects all known variants of Backoff malware on up to 100 IP addresses

Portland, Oregon (PRWEB) September 03, 2014

Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, today announced that Tripwire vulnerability management solutions detect all known variants of Backoff malware.

The Department of Homeland Security (DHS) updated a cybersecurity alert on Friday, August 22, 2014, warning that over one thousand major enterprise networks and small and medium businesses in the U.S. have been compromised with malware designed to infect point of sale (POS) systems.

The malware package dubbed Backoff is responsible for recent breaches at several major retailers including Target, Supervalu supermarkets and UPS stores. Backoff is being used in targeted attacks directed at retailers and is designed to steal credit card data from POS systems. Backoff attempts to exploit remote desktop applications on systems and is also capable of monitoring and logging keystrokes as well as exfiltrating data to a remote server. Seven leading POS vendors have confirmed that they have multiple clients affected with several variants of Backoff malware.

Reusable exploits used to hack point-of-sale systems are wreaking havoc among retailers, said Dwayne Melancon, chief technology officer at Tripwire. The proliferation of Backoff malware emphasizes the need to understand what is on your network, whether you can trust it, and whether it has any known vulnerabilities. Many businesses tend to have a deploy and forget mentality for much of their infrastructure, making it easy for attackers to gain access to their systems.

Tripwire vulnerability management solutions include timely vulnerability intelligence delivered by the company's Vulnerability and Exposure Research Team (VERT). This dedicated team of world-class security and vulnerability researchers focuses unwavering attention on the changing threat environment. Tripwire's VERT identifies emerging vulnerabilities and creates unique detection signatures that are constantly updated in Tripwire vulnerability and risk management solutions, delivering unprecedented vulnerability discovery coverage that contains all known variants of Backoff malware and most remote desktop applications, including:

  •     Microsoft Remote Desktop Protocol
  •     VNC/RFB including Apple Remote Desktop
  •     DameWare Mini Remote Control
  •     Symantec pcAnywhere

Continuously monitoring what is on your network, identifying and patching known vulnerabilities, and using baselines to determine when your systems have been tampered with are crucial security controls that minimize the impact of malware, continued Melancon. Unfortunately, most organizations have under-invested in these foundational capabilities and are regretting it now. That has to change.

Tripwire® SecureScan provides free internal vulnerability scanning for up to 100 IP addresses and includes comprehensive detection rules that discover Backoff in a wide variety of conditions. Tripwire SecureScan contains the same robust vulnerability checks included in Tripwire® IP360, a vulnerability management solution used by the largest, most sensitive networks in the world.

Additional resources:

Free chapter: Hacking Point of Sale by Slava Gomzin
Backoff Malware: Are you infected?
U.S. Retail Cybersecurity Study

About Tripwire
Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwires portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.

For the original version on PRWeb visit: http://www.prweb.com/releases/2014/09/prweb12139559.htm

Information contained on this page is provided by an independent third-party content provider. WorldNow and this Station make no warranties or representations in connection therewith. If you have any questions or comments about this page please contact pressreleases@worldnow.com.

Powered by WorldNow
All content © Copyright 2000 - 2014 WorldNow and KNOE. All Rights Reserved.
For more information on this site, please read our Privacy Policy and Terms of Service.