Avinti on Tuesday announced the beta release of an e-mail gateway plug-in designed to stop malware hidden inside spam.
Called NEWT, for Neutralize E-mail-Web Threats, the software is designed to block URLs and IP addresses embedded in inbound
spam messages that link to known malware sites, according to company officials.
Read the latest WhitePaper - IP Surveillance - The Next Generation Security Camera Application
Instead of including malware with a spam message and hoping the recipient will download it, many spammers are instead including an embedded link in the e-mail to an infected
Web site. For malware such as Storm, users that haven’t updated their browsers with the most recent security patches can immediately become infected simply by
visiting the Web site; users with up-to-date browsers can also inadvertently download the malware by clicking on links when
prompted.
By using this linked approach, spammers can avoid antivirus scans yet still infect PCs to become part of a botnet or secretly
record personal information that is entered, officials say.
NEWT compares the links found in an organization’s inbound e-mail messages with a database of known sites that download malware
discovered by another Avinti product called iSolation Server, and from published blacklists. The NEWT filter is updated with
new information about sites every 30 minutes, officials say, and also sends new URLs discovered in inbound mail back to Avinti
for investigation.
NEWT runs with a variety of popular mail transfer agents, including SendMail and Postfix.
More information on the public beta program is here. Eventually NEWT will be a freely available service for the general public, officials say.
|
