Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    The recent attacks on Google and other large organizations (currently being referred to by others as “Aurora,” “Google attacks,” or “HYDRAQ”) refer to a set of carefully orchestrated, sophisticated, and highly complex attacks. They comprised malicious threats to all three communication vectors—email, Web, and files, plus, most notably, a zero-day vulnerability in Internet Explorer (IE). In order to stay protected, businesses and end users need to deploy proactive vulnerability protection plus cloud-based threat mitigation solutions to stay one step ahead of the threat.

    We want to let our readers know that Trend Micro can help users proactively block this malicious attack and others like it—with or without the out-of-band patch released by Microsoft yesterday. In addition to business solutions like Intrusion Defense Firewall (IDF)—an OfficeScan™ plug-in—and Trend Micro Deep Security, we also offer a free tool—Trend Micro Browser Guard—that proactively protects home users by preventing exploits. Trend Micro Browser Guard protects by detecting buffer overflow and heap spray attempts as well as shellcode, thereby protecting users ahead of the threat.

    To download Trend Micro Browser Guard, please click here.

    In addition to these proactive solutions, Trend Micro also recommends that companies and home users ensure that their security software is up-to-date—preferably that users utilize Web reputation capabilities to block access to sites that host malicious code like those used in the Google attack.

    In the recent attacks, targeted spammed messages loaded with malware were also sent to users. Users with vulnerable IE browsers may unwittingly access malicious sites containing hidden JavaScript malware that takes advantage of a zero-day vulnerability. Microsoft initially advised users to enable the use of “Data Execution Prevention (DEP)” but cybercriminals attempted to counter this by introducing a new exploit code that bypasses this. Microsoft was thus forced to release a patch outside of its regular Patch Tuesday cycle.

    While the initial attacks targeted specific companies, the threat has since evolved and is now fully in the wild, leaving all Internet users potentially at risk.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice