Security Researcher Amit Klein Can Discuss Kaminsky DNS Cache Poisoning Flaw

--(BUSINESS WIRE)--Trusteer

WHO:			Amit Klein, noted internet security researcher and CTO of Trusteer, is an expert DNS issues and endpoint security. He has discovered and reported numerous DNS vulnerabilities http://www.trusteer.com/research. Prior to Trusteer he was Chief Scientist at Cyota, Inc. (now part of RSA Security) a leading provider of layered authentication solutions. In this role, Mr. Klein researched technologies that prevent online fraud, phishing, pharming.
WHAT:			Researchers have released software that exploits the recently leaked flaw in the Internet's Domain Name System (DNS) software. The bug was discovered by IOActive researcher Dan Kaminsky earlier this month. The attack code was released Wednesday by developers of the Metasploit hacking toolkit. By exploiting this vulnerability an attacker can redirect an ISP's users to a malicious phishing server every time they try to visit a legitimate website.
			Amit Klein can discuss the nature of this attack, how it works, and what organizations, especially online financial services providers, can do to protect their customers.
WHERE:			Via conference call.
WHEN:			Mr. Klein is available immediately for interviews. Please contact Marc Gendron at 781-237-0341, or marc@mgpr.net.
HOW:			The Trusteer Rapport product protects users from this DNS Cache Poisoning flaw (and similar DNS poisoning/spoofing techniques) by performing in-the-cloud validation of IP addresses. When a user enters a website address protected by Rapport, an in-the-cloud service operated by Trusteer ensures that the IP address really belongs to the website and was not replaced with a malicious destination. If the IP address does not belong to the authentic website the Trusteer service performs the following actions:
			(1) Returns a valid IP address for the website to Rapport, which replaces the fraudulent IP address with the legitimate address
			(2) Informs the website's owner of the fraudulent IP address and the website it points to
			(3) Updates all Rapport desktop agents with this malicious IP address to prevent further redirect attempts to it.

About Trusteer

Trusteer enables online businesses to establish a secure communication tunnel with their customers over the Internet that stretches from user's keyboard into the company's website. Trusteer's flagship product, Rapport, allows online banks, brokerages, and retailers to protect their customers from identity theft and financial fraud. Unlike conventional approaches to Web security, Rapport protects users' confidential information even if their computer is infected with malware including Trojans and keyloggers, or is victimized by pharming, phishing attacks. Trusteer is a privately held corporation led by former executives from Cyota/RSA Security, Imperva, and NetScreen/Juniper. For more information visit www.trusteer.com