|
|
 |
Press Releases
| December 5, 2007 |
Grisoft Acquires Exploit Prevention Labs, Developer of LinkScanner Safe Surfing Technology
Grisoft, developer of the AVG family of security software products, today announced the acquisition of Exploit Prevention Labs, a pioneering developer of safe surfing technology that protects Internet users against malicious web sites and drive-by downloaded exploits. The deal is expected to be finalized by December 31st 2007. Read more. |
| |
|
| October 3, 2007 |
Software Publishers Move to Protect Their Customers with LinkScanner Safe Surfing Technology
Exploit Prevention Labs today announced the first licensing agreements for the company’s Software Development Kit, which enables developers to integrate LinkScanner’s protection against exploits, phishing and other social engineering attacks into their product lines. These two deals, with Avanquest and iS3, will extend LinkScanner’s anti-exploit protection to an estimated 1 million additional users by the end of 2007. Read more. |
| |
|
| September 5, 2007 |
Exploit Prevention Labs Releases Summer Exploit Prevalence Survey
Exploit Prevention Labs, the leading developer of safe surfing software for protection against web-based exploits, today released findings for its July and August Exploit Prevalence Survey. The return to popularity of TROJAN FAKE CODEC and Q4 Rollup appears to largely be linked to the hackers behind the Storm botnet. Read more. |
| |
|
| August 20, 2007 |
Internet Entrepreneur Tom Ryan uses LinkScanner to Keep his Online Store and Customers Safe from Malware
Tom Ryan, founder of ScienceForTheStars.com, a popular online store for science kits, toys and activity books, saw a problem coming down the road. “Everyone has anti-virus solutions these days, and most people know that they shouldn’t open attachments from unsolicited emails,” Ryan said from his office in Fort Myers, Florida. “But how many people know that their computer can be easily infected with malicious code simply by visiting a website from search engine results?” Read more. |
| |
|
| July 17, 2007 |
Exploit Prevention Labs Releases June Exploit Prevalence Survey
Exploit Prevention Labs, the leading developer of safe surfing software for protection against web-based exploits, today released findings for its June 2007 Exploit Prevalence Survey. Highlights include the return of TROJAN FAKE CODEC after a two-month hiatus and the continued strong showing of Modified MDAC. Read more. |
| |
|
| June 25, 2007 |
Exploit Prevention Labs Releases May Exploit Prevalence Survey
Exploit Prevention Labs, the leading developer of safe surfing software for protection against web-based exploits, today released findings for its May 2007 Exploit Prevalence Survey. Modified MDAC was back at number one after dropping to second place in April, followed by MPack and ANI tied for the number two slot. Read more. |
| |
|
| May 16, 2007 |
Exploit Prevention Labs Releases April Exploit Prevalence Survey
Exploit Prevention Labs, the leading developer of safe surfing software for
protection against web-based exploits, today released findings for its April
2007 Exploit Prevalence SurveyT. The ANI exploit that first hit the
headlines at the end of March continues to put up a strong showing,
representing 12% of all exploit occurrences, despite Microsoft's issuing of
an emergency patch early in the month. The survey also brought to light two
new exploit packages, one dubbed WebAttacker 2.0, in April, both of which
are being widely distributed across the Internet. Read more. |
| |
|
| Apr 27, 2007 |
Google AdWords attack documented in new video from Exploit Prevention Labs
Security software developer Exploit Prevention Labs today released a video at http://explabs.blogspot.com documenting how cybercriminals are using Google's popular AdWords advertising system to infect unsuspecting users with malware. As the video shows, cybercriminals ran Google ads for legitimate, trusted organizations like The Better Business Bureau. Read more. |
| |
|
| Apr 25, 2007 |
Google AdWords Falls Victim to Cyber Criminals
Researchers at security software developer Exploit Prevention Labs have uncovered hard evidence that cybercriminals are using Google AdWords to infect unsuspecting users with malware. Under the guise of ads for legitimate, trusted organizations like The Better Business Bureau (see screen shot), unsuspecting users are instead redirected to malicious sites that attempt to install exploits and other malware. Exploit Prevention Labs first learned of this new attack vector April 10 when a LinkScanner Pro user ran a Google search on the phrase "how to start a business". The top-ranked sponsored search listing appeared to be from AllBusiness.com, a legitimate business, yet the hyperlink actually led to a site that attempted to install a password-stealing keylogger on the user's PC. LinkScanner Pro blocked the threat and automatically reported the discovery back to Exploit Prevention Labs researchers, who launched an immediate investigation. Read more. |
| |
|
| Apr 23, 2007 |
Exploit Prevention Labs Releases March Exploit Prevalence Survey
Exploit Prevention Labs, the leading developer of safe surfing software for protection against web-based exploits, today released findings for its March 2007 Exploit Prevalence Survey™. March’s most notable development occurred toward the end of the month, on March 28, when a zero-day exploit that takes advantage of how Windows handles animated cursor (.ani) files was discovered. The so-called ANI exploit attacked fully patched Windows XP SP2 machines running IE 6 or 7 and was successful enough to land the number four slot on the prevalence survey with only four days of distribution. Read more. |
| |
|
| Mar 12, 2007 |
Exploit Prevention Labs Releases February Exploit Prevalence Survey
Exploit Prevention Labs, the leading developer of safe surfing software for protection against web-based exploits, today released findings for its February 2007 Exploit Prevalence Survey™. Roger Thompson, CTO of Exploit Prevention Labs and author of the monthly Exploit Prevalence Survey, noted steady activity among cybercriminals in February. For the third consecutive month, the Q406 Roll-up exploit package captured the survey’s number one spot with 35.17 percent of all occurrences. Read more.
|
| |
|
| Feb 5, 2007 |
Exploit Prevention Labs Releases LinkScanner 2.5, Adds Support for Vista and Firefox
Exploit Prevention Labs (http://www.explabs.com), a leading developer of safe surfing software for protection against web-based exploits, today unveiled at its Innovation Station booth at the RSA Conference in San Francisco the latest in its LinkScanner product line with support for Windows Vista and the Firefox web browser. With the new platform and browser support, LinkScanner now provides the industry’s broadest and most effective protection against malicious web sites, phishing, social engineering and other web-based exploits. Read more. |
| |
|
| Feb 5, 2007 |
Exploit Prevention Labs Releases January Exploit Prevalence Survey
Exploit Prevention Labs, the leading developer of safe surfing software for protection against web-based exploits, today released findings for its January 2007 Exploit Prevalence Survey™. Roger Thompson, CTO of Exploit Prevention Labs and author of the monthly Exploit Prevalence Survey, notes the continuing dominance of the Q406 Roll-up package, with the added twist of the inclusion of the IE Com CreateObject exploit, which itself occupied the Number One slot back in November of last year. CreateTextRange, now almost a year in the wild, occupies the Number Two slot. "CreateTextRange has been a very stable exploit for the bad guys over the past several months," adds Thompson. Read more. |
| |
|
| Jan 23, 2007 |
Exploit Prevention Labs Releases December Exploit Prevalence Survey
Exploit Prevention Labs, the leading developer of safe surfing software for protection against web-based exploits, today released findings for its December 2006 Exploit Prevalence Survey™. Roger Thompson, CTO of Exploit Prevention Labs and author of the monthly Exploit Prevalence Survey, has dubbed this month’s most common package, accounting for more than 70% of all reports, the “Q406 Roll-up” package, as it consists largely of updated versions of exploits issued during the fourth quarter of 2006. “The dominance of this package reinforces the fact that the development and release of exploits frequently parallels legitimate software businesses,” noted Thompson. “The bad guys are working hard to update and release tweaks to existing exploits at least in part because developing a new exploit is such a complex task.” Read more. |
| |
|
| Jan 22, 2007 |
Exploit Prevention Labs Named Finalist for "Most Innovative New Company" at RSA 2007
Exploit Prevention Labs (http://www.explabs.com), a leading developer of safe surfing software that protects against phishing, social engineering, and other web-based exploits, today announced it has been selected as one of ten finalists in the 2007 “Most Innovative New Company” awards at the RSA Security Conference. As a finalist, Exploit Prevention Labs will showcase its LinkScanner technology in the Innovation Station exhibit at booth 1348 at the RSA Security Conference (February 5-9 2007 at the Moscone Center in San Francisco). Exploit Prevention Labs was selected from among other security startups by a judging panel that included venture capitalists, chief security officers, and industry press and analysts. The panel evaluated each entrant based on the market potential for the company’s products, the significance of the company’s technology innovation, the quality of the management team, and the overall commercial viability of the company.
Read more. |
| |
|
| Dec 22, 2006 |
Exploit Prevention Labs Releases November Exploit Prevalence Survey
Exploit Prevention Labs, the leading developer of safe surfing software for protection against web-based exploits, today released findings for its November 2006 Exploit Prevalence Survey™. Two previously unranked exploits -- setSlice and IE Com CreateObject -- made their debut on the list in the number one and three positions respectively; both were derived from proof-of-concepts released by HD Moore during his Month of Browser Bugs in September and both have undergone additional modifications in the wild. Read more. |
| |
|
| Dec 21, 2006 |
Exploit Prevention Labs Publishes White Paper on Web 2.0 Security
Exploit Prevention Labs today published a new paper exploring the new security risks accompanying the rise of Web 2.0. “We’ve looked at how the popularity of Web 2.0 sites like MySpace and YouTube creates unintended security risks for users,” said Roger Thompson, CTO and co-founder of Exploit Prevention Labs. “Unlike previous generations of Web applications, today’s Web 2.0 applications are characterized by heavy reliance on user-generated content and cross-linking across multiple sites using IFRAMEs, RSS, and cross-site scripting. When users visit a trusted Web 2.0 site, their browser is pulling information, data and malware from many other sources, some of which may not be so trustworthy.” Read more. |
| |
|
| Nov 27, 2006 |
Exploit Prevention Labs Releases October Exploit Prevalence Survey
Exploit Prevention Labs, the leading developer of safe surfing software for protection against web-based exploits, today released findings for its October 2006 Exploit Prevalence Survey™. In this latest report, WebAttacker for the first time occupies the number one spot, accounting for 32 percent of reported exploit attempts, and CTO Roger Thompson warns users to expect a new round of attacks.
Read more. |
| |
|
| Nov 27, 2006 |
Exploit Prevention Labs Announces New Safe Surfing Product Line
Exploit Prevention Labs, the leading developer of safe surfing software for protection against web-based exploits, today announced the availability of LinkScanner Pro and LinkScanner Lite, providing computer users with real-time protection against malicious web sites, phishing, social engineering and other web-based exploits.
Read more. |
| |
|
| Oct 9, 2006 |
Exploit Prevention Labs Releases September Exploit Prevalence Survey
Exploit Prevention Labs, the leading developer of anti-exploit software, today released findings for its September 2006 Exploit Prevalence Survey™. The new IE VML Overflow exploit easily captured the number one position accounting for 45 percent of all attempted exploits.
Read more. |
| |
|
| Sept 22, 2006 |
Exploit Prevention Labs Discovers Cyber Criminals
Using eCards To Deliver Exploits
Researchers at Exploit Prevention Labs recently uncovered a major cyber criminal ring operating in Australia using what appear on the surface to be Yahoo Greetings ecards to infect thousands of computer users with malicious keylogger malware, which was then used to steal credit card numbers, bank account usernames and passwords, and other personal information.
Read more. |
| |
|
| Sept 20, 2006 |
Exploit Prevention Labs Announces Protection Against Latest IE Vulnerability Exploits
Exploit Prevention Labs this morning announced that the company’s SocketShield product is able to pre-emptively identify and block sites where the latest IE security vulnerability, acknowledged by Microsoft yesterday (http://www.microsoft.com/technet/security/advisory/925568.mspx), is being actively exploited by WebAttacker-generated code.
Read more. |
| |
|
| Sept 12, 2006 |
Exploit Prevention Labs Releases August Exploit Prevalence Survey
Exploit Prevention Labs today released findings for its August 2006 Exploit
Prevalence Survey. New to this report is coverage of orphaned lure sites, sites
that have been exploited in the past and may be used again in the future but
which are currently 'orphaned' from any exploit distribution network.
Read more. |
| |
|
| Aug 3, 2006 |
Exploit Prevention Labs Releases July Exploit Prevalence Survey
Exploit Prevention Labs (http://www.explabs.com), the leading developer of anti-exploit software, today released findings for its July 2006 Exploit Prevalence Survey. Highlights include a big increase in IFramers Launch Script use, up from 16% to 26%, closely followed by WebAttacker and a resurgence of WMF exploits.
Read more. |
| |
|
| July 19, 2006 |
Exploit Prevention Labs Protects MySpace Users Against Ad-based exploits
Users of MySpace, the popular social networking site, have joined the ranks of unwitting victims of cybercriminals using banner ads to distribute vulnerability exploits. If their PCs had been protected by Exploit Prevention Labs’ SocketShield, this would not have been the case.
Read more.
|
| |
|
| July 17, 2006 |
Exploit Prevention Labs releases LinkScanner ™
Exploit Prevention Labs, the leading developer of anti-exploit protection, today announced the immediate availability of LinkScanner (http://www.explabs.com/linkscanner), a free online service that enables users to scan individual URLs for dangerous exploits. LinkScanner gives web surfers a definitive safe/not safe answer in seconds, and is the first product of the company's recently-completed SDK.
Read more. |
| |
|
| July 10, 2006 |
Exploit Prevention Labs Releases Exploit Prevalence Survey for Month of June
Exploit Prevention Labs, the leading developer of anti-exploit protection, today released findings for its Exploit Prevalence Survey™ for the month of June. The Exploit Prevalence Survey, which debuted on June 8, is the industry’s first monthly survey to measure the top web-borne exploits based on real-world prevalence data.
Read more |
| |
|
| June 19, 2006 |
Exploit Prevention Labs Ships SocketShield; Protects Against Drive-By Downloads and Zero-Day Exploits
Exploit Prevention Labs, a developer of anti-exploit software for protection against drive-by downloads and zero-day exploits, today announced that it has successfully completed beta-testing of its flagship SocketShield software.
Read more |
| |
|
| June 8, 2006 |
Exploit Prevention Labs Releases Industry's First Exploit Prevalence Survey
Exploit Prevention Labs, the leading developer of anti-exploit software, today released findings from its Exploit Prevalence Survey™, the industry's first monthly survey to measure the rise of Internet-borne exploits and zero-day attacks.
Read more |
| |
| May 5, 2006 |
Trusted Web Sites Not Always Trustworthy, Says Noted Computer Security Researcher
The next time you click on a link in your Google, Yahoo or MSN search results, hold your breath. Although most of us feel relatively safe when we click on search results or visit the web sites or blogs of trusted businesses or friends, we shouldn't be so carefree, according to Roger Thompson.
Read more |
| |
| May 1, 2006 |
Security Software Veterans Launch Exploit Prevention Labs to Deliver Breakthrough Protection Against Zero-Day Exploits
Bob Bales and Roger Thompson, two computer security industry pioneers, have joined forces to launch Exploit Prevention Labs, a new computer security software company. The company's first product, SocketShield, now in beta, protects Internet users against the growing threat of zero-day exploits that take advantage of unpatched vulnerabilities in Windows operating systems and applications.
Read more |
| |
|
|
|
|
