While WK runs the InfoSec News (ISN) mail list, this was sent directly to him. Further, the headers and footer show that he was subscribed to a (marketing) mail list. This is spam.
Return-Path: (bounce@bmsend.com)
X-Original-To: wk[at]infosecnews.org
Delivered-To: wk[at]infosecnews.org
Received: from mailrelay1.com (mailrelay1.com [65.163.12.160])
by conundrum.infosecnews.org (Postfix) with ESMTP id 7B860EF939
for (wk[at]infosecnews.org); Thu, 16 Sep 2010 09:32:05 -0500 (CDT)
Received: from mailrelay1.com (mailrelay1.com [127.0.0.1])
by mailrelay1.com (Postfix) with ESMTP id 7A0D364E64
for (wk[at]infosecnews.org); Thu, 16 Sep 2010 10:32:07 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=bmsend.com; h=reply-to
:list-unsubscribe:from:sender:to:subject:date:mime-version
:content-type:message-id; s=benchmark; bh=ThwbfY/HX6VN062ohSUH69
7E1hM=; b=S1sMgpJPPv0bEYqxHh77F/si+Qn0vM2W0TN7fbaGlTC8B/2H8b5vHc
rm5L7gfaT4wP483HzETVy8xjkccwtnLA==
DomainKey-Signature: a=rsa-sha1; c=nofws; d=bmsend.com; h=reply-to
:list-unsubscribe:from:sender:to:subject:date:mime-version
:content-type:message-id; q=dns; s=benchmark; b=PUxEySfCO5YfERVj
omfyTI4r4FdmNC99oneHD+XGG7Em3f9HGejOw6CbJoUUtgSBU9Mlmu6LbDB1x+2A
Sy5ghA==
Reply-To: RNFoley@MatrixGP.com
X-Identify: (503057_33598481@benchmarkemail.com)
X-Mailer: 6, 5, 0, 3
X-campaignid: 503057
MimeOLE: (Produced By Microsoft MimeOLE V6.00.2800.1165)
RemoveEmail:
unsubscribe.asp?g=0&c=50[..]&SentFromServer=65.163.12.160
SentFromServer: 65.163.12.160
Message-Info: (JGTYoYF78jHtqObOVWzB5PrEu5+x4SzP)
List-Unsubscribe:
(http://www.benchmarkemail.com/c/u?9tS[..]a9OhP%2FKfNcRodO0Zw0%3D)
From: "Matrix Global Partners, Inc."(RNFoley@MatrixGP.com)
Sender: "Matrix Global Partners, Inc."(RNFoley_MatrixGP.com@bmsend.com)
To: "William Knowles" (wk[at]infosecnews.org)
Subject: New Adobe Zero-Day Attack - StormShield Provides Protection
Date: Thu, 16 Sep 2010 09:32:07 -0500
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_436012977162230114327443"
Message-Id: (20100916143207.48F9F64E5B@mailrelay1.com)
_______________________________________________________________________
_______________________________________________________________________
Matrix Global Partners, Inc.
_______________________________________________________________________
_______________________________________________________________________
_______________________________________________________________________
Stuxnetmay represent a new dangerous trend in Malware. The threat continues to grow but StormShield provides complete protection.
_______________________________________________________________________
_______________________________________________________________________
Are you vulnerable to Stuxnet? How Stuxnet attacks and how you can protect your computers
The recently discovered Stuxnet malware, which takes advantage of a zero-day Microsoft
Windows Shell vulnerability, is being used in targeted attacks to penetrate Windows
computers. This attack is part of a sophisticated new wave of threats that can infiltrate
corporate systems undetected and capture vital protected and proprietary data. The Stuxnet
malware has spread for over a month (or possibly even longer) undetected and has already
penetrated thousands of computer systems across the world according to a Microsoft analysis.
Spread via USB Stick
What is unique about Stuxnet is that it utilizes a new method of propagation. Specifically,
it takes advantage of specially crafted shortcut files placed on USB drives to automatically
execute malware as soon as the .lnk file is read by the operating system. In other words,
simply browsing to the removable drive using an application that displays icons (like Windows
Explorer) runs the malware without additional user interaction.
Besides being exploited locally through a malicious USB drive, the flaw can also be exploited
remotely via network shares and a set of extensions that allow users to edit and manage files
on remote web servers. Another insidious aspect of Stuxnet is that the malicious code was
digitally signed using valid digital certificates which allows Stuxnet to evade security
software.
Attributes of Stuxnet
First, the spyware uses a "zero-day" attack against a vulnerability that neither Microsoft
nor traditional AV companies were prepared for.
Second, The attack is undetected when installed because it installs a rootkit though a signed
driver that hides all .lnk files and the rootkit driver from any application like an AV
scanner.
Third, because they used a real, not forged, digital certificate, they circumvent normal
Microsoft barriers.
Fourth, the intentions of the creators are unclear and only one out of 5,000+ functions in
the spyware is understood. But, it is clear that an organization with deep pockets is behind
it. There was a significant investment made to create this sophisticated attack and that
investment would not have been made without a plan for profiting from the exploit.
StormShield EndpointSecurity provides complete Stuxnet protection
The award winning StormShield security has multiple security layers at the endpoint to ensure
that even sophisticated complex threats like Stuxnet are stopped. StormShield includes the
most sophisticated USB device and port protection available and would stop Stuxnet from ever
penetrating the computer itself. If, through some other means, Stuxnet made it onto the
StormShield protected computer, it would be detected and blocked from doing any damage. Learn
more about how StormShield provides complete protection against Stuxnet and other similar
attacks.
About Matrix Global Partners, Inc. Headquartered in Indianapolis, Indiana Matrix Global
Partners, Inc. (Matrix) is a national leader in information security solutions, integration
and professional and managed services. Matrix offers a complete line of security and SIEM
technologies and, as the exclusive distributor in the Americas for the award-winning
StormShield security products, Matrix is growing and managing a multi-tier sales and support
organization. www.MatrixGP.com.
About SkyRecon Systems Inc.Founded in 2003, SkyRecon Systems is a visionary global provider
of endpoint protection platforms. With its award-winning and analyst-recognized endpoint
security solutions, organizations are able to ensure protection and enforce policy for
endpoint systems, applications, data and users upon which their business relies. The company
is a contributing member of the SecureIT Alliance, has received the prestigious Red Herring
100 Award, and has been named "Entrepreneurial Security Company of the Year? by Frost &
Sullivan. Its StormShield Endpoint Security product received the SC Magazine ?Best of 2009?
award for Endpoint Security. www.SkyRecon.com
Matrix Global Partners, Inc.
Indianapolis, Indiana
email to: info@MatrixGP.com
Phone: (317) 514-2923
This message was sent to wk@infosecnews.org by RNFoley@MatrixGP.com
You can modify/update your subscription via the link below.
Unsubscribe / Manage: http://www.benchmarkemail.com/c/u?9tSN8Jgb1CZIn[..]
Forward Email: http://www.benchmarkemail.com/c/f?9tSN8Jgb1CZInsV96bc%[..]
Report Abuse: http://www.benchmarkemail.com/Abuse?9tSN8Jgb1CZInsV96bc[..]
Email Marketing by http://www.benchmarkemail.com [http://www.benchmarkemail.com]
Address: Suffolk Lane, Carmel, IN, 46032