Kneber Botnet
Updated: 20 Aug 2010 | 1 comment
Hello Team,
Please see this article:
http://www.msnbc.msn.com/id/35456838/ns/technology...
FTA
"NetWitness CEO Amit Yoran said in a statement that "Conventional malware protection and signature-based intrusion detection systems are, by definition, inadequate for addressing Kneber or most other advanced threats."
Please help me understand>
is this a souped up version of the Zues Botnet?
Also, my concern is, Is the primary vector of this virus phishing? It would appear from the article that this might be so.
How can we leverage SEP to protect our network against these sorts of threats?
Thank you,
Discussion Filed Under:
Comments
Kneber is one group of
Kneber is one group of machines infected with Zeus. Kneber is Zeus. We've had protection for this for some time. We have protection from Zeus with both AV and IPS signatures. So using both technologies in SEP will provide you with the best protection.
One of the main ways that Zeus is spread is through SPAM email. So good SPAM filtering us helps.
I've posted on this subject in another threat. If you are interested in the signature names or links to more information. please check there.
https://www-secure.symantec.com/connect/forums/kneber-botnet
Would you like to reply?
Login or Register to post your comment.