NetApp, CyberGuard Take Aim At Cross-Platform Spyware Threat
The Exploit Byte-Verify attack is unique in that it can infect Microsoft Internet Explorer and install spyware on compromised systems regardless of whether that browser or another one such as Firefox is actually in use. The attack takes advantage of a vulnerability in Sun Microsystems' Java Virtual Machine to execute digitally signed applets with access to all system resources on the target machine. The code downloads Trojans and spyware and alters Internet Explorer's security settings.
According to the companies, Network Appliance's NetApp IAS, which employs the NetCache appliance and CyberGuard's Webwasher content security suite, protects users by filtering malicious code. The Webwasher suite detects scripts as they try to exploit the Java vulnerability and blocks it at the gateway.
"As a company focused on protecting enterprises against the most serious and critical vulnerabilities as their security needs grow, it is critical to work with companies like NetApp to pace the industry with the most comprehensive security solutions," CyberGuard's senior vice president of strategic alliances and general manager of the Webwasher subsidiary Horst Joepen said in a statement. "This new threat is only the latest in a series of attacks where the new proactive filtering technology included in our Webwasher suite provides protection and improves Internet security for enterprise customers."