Press Releases

EXPLOIT PREVENTION LABS ANNOUNCES NEW SAFE SURFING PRODUCT LINE WITH LINKSCANNER PRO AND LINKSCANNER LITE

Updated Technology Delivers Improved Protection Against Zero-Day Exploits, Malicious Search Result Hyperlinks, Phishing and Social Engineering Sites, Malicious Ad Servers and Crack Servers

November 27, 2006 – Atlanta, GA – Exploit Prevention Labs (http://www.explabs.com), a leading developer of safe surfing software for protection against web-based exploits, today announced an expanded LinkScanner product line and new technology enhancements to combat malicious web sites, phishing, social engineering and other web-based exploits.

This development comes at a time when cybercriminals motivated by profit are stepping up their attacks against users of web-based applications such as search engines, blogs, online bank and brokerage accounts, and social networking sites. Cybercrime robs businesses and consumers of billions of dollars each year. A year ago, Valerie McNiven, an advisor to the US government, told Reuters that global cybercrime had become bigger than drug trafficking. "Last year was the first year that proceeds from cybercrime were greater than proceeds from the sale of illegal drugs, and that was, I believe, over $105 billion."

The new Exploit Prevention Labs products are LinkScanner Pro™ and LinkScanner Lite™. LinkScanner Pro™, a $29.95 safe surfing Windows application, provides real-time, automatic protection against malicious web sites, drive-by downloads and other crimeware exploits. LinkScanner Lite is a free application that provides Internet Explorer users with real-time scanning of Google, MSN and Yahoo search results for web-based threats, as well as on-demand scanning of individual links. Support for Firefox and other browsers and search engines is in development.

“We’re living in a Web 2.0 world, where web sites interconnect in ways that traditional security defenses never anticipated,” said Roger Thompson, co-founder and CTO of Exploit Prevention Labs. “Trusted web sites can’t always be trusted, especially when they unknowingly harbor malicious hyperlinks. We’ve always protected against web-based exploits that target unpatched security vulnerabilities, and now we’re extending that protection to the other most prevalent threat delivery methods of phishing and social engineering.”

Online communities and applications are especially vulnerable to exploitation by cybercriminals because users connect to them via the browser’s HTTP protocol, which bypasses firewall and other traditional defenses. Exploits can spread rapidly among online applications such as blogs and social networking sites, because these sites often interconnect with dozens of other online applications via HTML hyperlinks, IFRAME links, RSS and cross-site scripting not monitored by typical online security measures. As online application providers broaden the functionality of their offerings, they also increase the odds of introducing security vulnerabilities.

New LinkScanner Functionality Delivers Industry’s Most Reliable Protection Against Web-based Exploits

The new LinkScanner family of safe surfing software and services delivers the industry’s most reliable real-time protection against web-based exploits and malicious web sites. Building on Exploit Prevention Labs’ original SocketShield™ anti-exploit technology, the LinkScanner family adds new SearchShield™ functionality to protect users against malicious hyperlinks in search engine results. The products also add protection against malicious phishing, social engineering, and warez web sites that distribute cracked software, and advertising networks known to distribute malicious text and banner ads.

Conventional safe surfing applications such as McAfee® SiteAdvisor, which judge web site safety based on historical data, are recognized as delivering results that are up to 50% inaccurate. SiteAdvisor’s approach is simply inadequate to deal with the highly dynamic nature of today’s web threats. LinkScanner’s real-time approach, by contrast, delivers definitive information about the threats present on any web site at the only time that matters – the time the user is about to click through to that site.

A chart detailing the differences between the LinkScanner products and McAfee SiteAdvisor is attached below as an addendum to this release.

LinkScanner Backed by Exploit Prevention Labs’ Patent-Pending Intelligence Network

LinkScanner is powered by Exploit Prevention Labs’ patent-pending Intelligence Network, which brings together a unique combination of research techniques:

• Exploit Intelligence is an extended network of human researchers, automated probes, honeypots, "hunting pots," and search bots focused on discovering new vulnerabilities and exploit examples.
• The Reputation Filter creates an intelligent filter for known and suspected exploit distribution sites.
• Community Intelligence is the community of Exploit Prevention Labs users who allow information about attempted exploitation of their computers to be collected as part of the Intelligence Network. This allows LinkScanner users to serve as an extension of Exploit Prevention Labs’ research efforts, providing a virtual “Neighborhood Watch for the Web” community of users
• SiteID digs beneath the surface of any site’s publicly-stated ownership to determine whether the site is really operated by the person or entity who claims to own it.
• The Correlation Engine aggregates intelligence gained through this research, assembles it in real time, and distributes it transparently back to the community, providing exploit-specific protection within minutes of a zero-day exploit discovery.

LinkScanner Provides Reliable Protection against Web-based Exploits in a Lightweight Application

Unlike many security software products that sap memory, disk space and computing resources, LinkScanner products are extremely lightweight. LinkScanner Pro requires only 10MB of RAM and 4MB of hard disk space, and LinkScanner Lite requires even less. Both products support all versions of Windows 2000 and XP and require minimal computing resources to operate.

The LinkScanner family provides a critical layer of security that complements the defenses provided by traditional security solutions. Firewalls cannot stop exploits because exploits enter within the trusted communications stream of the user’s browser connection. Anti-virus and anti-spyware applications can’t protect against exploits because they must wait for the malware code to hit the hard disk in order to detect it, and by that time most exploits have already executed their payload. Patch management systems can’t distribute a patch until the application vendor releases it, often weeks or months after the discovery of a security vulnerability. And patching as a general practice, while critical, often fails because it relies on users taking action of their own volition.

Pricing, Specifications and Availability

LinkScanner Pro and LinkScanner Lite are now available from Exploit Prevention Labs’ web site at http://www.explabs.com.

LinkScanner Pro is priced at $29.95, including a one-year subscription for unlimited updates and online technical support. A fully functional 30-day evaluation can be downloaded from http://www.explabs.com/downloads/LSP Current licensed SocketShield users can upgrade to LinkScanner Pro at no charge.

LinkScanner Lite, which offers many of the same features as LinkScanner Pro but without the convenient automation, is free and can be downloaded from http://www.explabs.com/downloads/LSL

LinkScanner Online, available at http://linkscanner.explabs.com, is a free real-time online URL scanning service that lets users know whether any individual site they intend to visit has been poisoned by an exploit distribution network. LinkScanner Online supports all major web browsers and is freely available for incorporation into third-party websites. Interested webmasters can request the code through Exploit Prevention Labs’ website at http://www.explabs.com/LinkScanner/MyLinkScanner/.

About Exploit Prevention Labs

Founded by information security veterans Bob Bales and Roger Thompson in 2005, Exploit Prevention Labs develops the LinkScanner family of safe surfing software and services. LinkScanner Pro, LinkScanner Lite and LinkScanner Online provide patent-pending protection against malicious web sites and web-based exploits during the critical risk window between the announcement of a security vulnerability and the provision of a patch by the vendor. A Software Development Kit (SDK) is also available to enable third party vendors to incorporate Exploit Prevention Labs’ technology in their own applications and services. More information about Exploit Prevention Labs and LinkScanner may be found on the company’s website at http://www.explabs.com.

###

Media Contact:
Tim Shisler/Julie Parayno
Dovetail Public Relations
408.395.3600
xpl at dovetailpr.com

Functionality Comparison Chart, LinkScanner vs. McAfee SiteAdvisor