| [December 11, 2008] |
 |
Your Antivirus can be a Door for Hackers: iViZ "Green Cloud Security" Discovers New Vulnerabilities in AVG, Sophos, F-Secure etc.
BANGALORE, India --(Business Wire)--
iViZ, an information security company that offers "Green Cloud Security", the world's only on-demand penetration testing for applications, networks and compliance, has announced that it has discovered new classes of vulnerabilities in many popular commercial and open source antivirus software. These vulnerabilities can potentially allow attackers to break into systems using such antivirus software.
Bala Girisaballa, Vice President, explains how hackers can target a seemingly secure system and break into it by exploiting its antivirus software. "An attacker first crafts an email with malicious payload and sends it to the target user. When the email is scanned by the vulnerable antivirus software it can either crash the antivirus software or execute arbitrary code resulting in complete security bypass and remote system compromise," he added.
The affected software include many popular commercial and open source antivirus software such as AVG, F-Secure (F-Prot), Sophos, ClamAV, BitDefender & Avast. Other software could also be vulnerable. Organizations can learn more on iViZ "Green Cloud Security" website www.greencloudsecurity.com.
Introducing Green Cloud Security and highlighting on how organizations can safeguard themselves against these emerging threats, Bikash Barai, CEO iViZ said, "Regular periodic penetration testing can help companies combat the constantly evolving vulnerabilities and threats. Today there is a need for a more educated and alert user, and a vision to look beyond conventional security mechanisms in corporate information security."
About iViZ "Green Cloud Security":
iViZ is an information security company that has developed the world's first artificial intelligence based "human hacker simulation" technology to find all possible attack paths by which intruders can compromise applications and networks. This technology can detect attack paths which are otherwise missed out in traditional testing and also suggest suitable remedies. Using this patent pending technology it provides "Green Cloud Security"- a Software-as-a-Service based on-demand penetration testing solutions for applications, networks and compliance (SOX, PCI, ISO-27001, HIPAA).
Its technology has won several global recognitions by Intel, UC - Berkeley, London Business School, US Navy, US Homeland Security, Red Herring, and Business Today. It has discovered several security vulnerabilities in the products of several leading organizations like Microsoft, Intel, HP, McAfee, Lenovo etc.
For more information, visit www.greencloudsecurity.com or www.ivizsecurity.com
[ Back To TMCnet.com's Homepage ]
|